Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Ocean-T2I4I8O9.exe

Overview

General Information

Sample name:Ocean-T2I4I8O9.exe
Analysis ID:1578770
MD5:1deedf7edd7b1affcb7555d9ed27eb48
SHA1:56d6f32a9e1e0039ebcdfe1c38e29ef9b29ced3c
SHA256:ae241c1570038da5a64118b448d5220109a2f2bdb36dde8e12b990d3a74aac1a
Tags:exeuser-dontdontdont
Infos:

Detection

Score:80
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected suspicious sample
Found Tor onion address
Found direct / indirect Syscall (likely to bypass EDR)
Found strings related to Crypto-Mining
Hides threads from debuggers
Installs new ROOT certificates
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
PE file contains section with special chars
Tries to detect debuggers (CloseHandle check)
Tries to evade analysis by execution special instruction (VM detection)
Checks if the current process is being debugged
Creates a process in suspended mode (likely to inject code)
Enables debug privileges
Entry point lies outside standard sections
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Stores large binary data to the registry
Uses a known web browser user agent for HTTP communication
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

  • System is w10x64
  • Ocean-T2I4I8O9.exe (PID: 6592 cmdline: "C:\Users\user\Desktop\Ocean-T2I4I8O9.exe" MD5: 1DEEDF7EDD7B1AFFCB7555D9ED27EB48)
    • msedgewebview2.exe (PID: 2504 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Ocean-T2I4I8O9.exe --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6592.5960.2910270123947271652 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 3844 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 7188 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 7196 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:3 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 7212 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:8 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 7300 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:1 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 5252 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2 MD5: 9909D978B39FB7369F511D8506C17CA0)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
AI detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.4% probability

Bitcoin Miner

barindex
Found strings related to Crypto-Mining
Source: msedgewebview2.exe, 00000002.00000002.4215999439.000067BC02A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: jsecoin.com
Source: msedgewebview2.exe, 00000002.00000002.4216181758.000067BC02A58000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "coinhive.com
Source: Ocean-T2I4I8O9.exeStatic PE information: certificate valid
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\SCT Auditing Pending ReportsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\ef764e1a-48cf-424a-81b5-7dfcb68c6665.tmpJump to behavior

Networking

barindex
Found Tor onion address
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: socks LockedremovehangupkilledlistensocketminimiSTDERRSTDOUT390625uint16uint32uint64structchan<-<-chan ValueX25519%w%.0wSundayMondayFridayAugustUTC-11UTC-02UTC-08UTC-09UTC+12UTC+13minutesecondAcceptServernetdnsdomaingophertelnetreturn.local.onionip+netsysmontimersefenceselect, not objectbad tsCommonGetACPnumberIsMenuBitBltPatBltEndDocLineToMulDivOriginexec: GetAcesendtordtscppopcntsecretheaderAnswerLengthcmd/go%s; %sSTREETavx512rdrandrdseedfloat32float64UpgradeTrailersocks5hHEADERSReferer flags= len=%d (conn) %v=%v,expiresrefererrefreshtrailerGODEBUGname %q:method:schemeupgrade:statushttp://chunkednosniffCreatedIM UsedCONNECTreaddirchtimesconsoleabortedCopySidWSARecvWSASendconnectsignal 19531259765625invaliduintptrChanDir using , type= Value>Convertnil keytls3desderivedInitialTuesdayJanuaryOctoberMUI_StdMUI_DltExpiresSubjectwindowswsarecvwsasendlookup writeto:eventscharsetforcegcallocmWcpuprofallocmRunknowngctraceIO waitforevernetworkUNKNOWN\\.\UNCnumber mpr.dllSetRectToAsciiEndMenuGetMenuSetMenuMaskBltEllipseEndPagePolygonPATHEXTEd25519MD5-RSAserial:NtCloseFreeSidSleepExavx512fSHA-224SHA-256SHA-384SHA-512eae_prkanswersos/execruntime2.5.4.62.5.4.32.5.4.52.5.4.72.5.4.82.5.4.9pdh.dllamxtileamxint8amxbf16osxsaveGoStringfont/ttffont/otfhijackedNO_ERRORPRIORITYSETTINGSLocation data=%q incr=%v ping=%qif-matchlocationhttp/1.1bad_flowprioritybad_pathHTTP/2.0%s_%s_%sdisjointoverlapsHTTP/1.1no-cacheContinueAcceptedConflicttruncateFullPathno anodeCancelIoReadFileAcceptExWSAIoctlshutdowncloseappdownload[%s] %s
Source: Joe Sandbox ViewIP Address: 172.67.41.16 172.67.41.16
Source: Joe Sandbox ViewIP Address: 104.17.248.203 104.17.248.203
Source: Joe Sandbox ViewIP Address: 151.101.129.229 151.101.129.229
Source: Joe Sandbox ViewIP Address: 151.101.65.229 151.101.65.229
Source: global trafficHTTP traffic detected: GET /aos@2.3.1/dist/aos.css HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /aos@2.3.1/dist/aos.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tippy.js@6 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /@popperjs/core@2 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: cdn.tailwindcss.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /particles.js/2.0.0/particles.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tippy.js@6.3.7 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /@popperjs/core@2.11.8 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /3.4.16 HTTP/1.1Host: cdn.tailwindcss.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /examples/js/libs/stats.min.js HTTP/1.1Host: threejs.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /@popperjs/core@2.11.8/dist/umd/popper.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /particles.js/2.0.0/particles.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /examples/js/libs/stats.min.js HTTP/1.1Host: threejs.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /api/customgui/T2I4I8O9.exe HTTP/1.1Host: anticheat.acUser-Agent: MAQUINADEARMADOAccept-Encoding: gzip
Source: global trafficHTTP traffic detected: GET /api/customgui/T2I4I8O9.exe/ HTTP/1.1Host: anticheat.acUser-Agent: MAQUINADEARMADOReferer: http://anticheat.ac/api/customgui/T2I4I8O9.exe/Accept-Encoding: gzip
Source: global trafficHTTP traffic detected: GET /aos@2.3.1/dist/aos.css HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /aos@2.3.1/dist/aos.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tippy.js@6 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /@popperjs/core@2 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: cdn.tailwindcss.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /particles.js/2.0.0/particles.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tippy.js@6.3.7 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /@popperjs/core@2.11.8 HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /3.4.16 HTTP/1.1Host: cdn.tailwindcss.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /examples/js/libs/stats.min.js HTTP/1.1Host: threejs.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /@popperjs/core@2.11.8/dist/umd/popper.min.js HTTP/1.1Host: unpkg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/customgui/T2I4I8O9.exe/ HTTP/1.1Host: anticheat.acUser-Agent: MAQUINADEARMADOAccept-Encoding: gzip
Source: global trafficHTTP traffic detected: GET /particles.js/2.0.0/particles.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /examples/js/libs/stats.min.js HTTP/1.1Host: threejs.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: msedgewebview2.exe, 00000002.00000003.2611339152.000067BC04A94000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4229350908.000067BC04A98000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.2368275403.000067BC04A94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ?www.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://microsoftstart.msn.cn/*https://rewards.microsoft.com/*https://www.microsoftnews.com/*https://www.facebook.com/*www.staging-bing-int.comaction.getBadgeTextColorhttps://outlook.live.com/*https://rewards.bing.com/*https://www.microsoftnews.cn/*translatorserp.bing.comhttps://translator.bing.com/* equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/* equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.2611339152.000067BC04A94000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4229350908.000067BC04A98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: global trafficDNS traffic detected: DNS query: anticheat.ac
Source: global trafficDNS traffic detected: DNS query: cdn.tailwindcss.com
Source: global trafficDNS traffic detected: DNS query: unpkg.com
Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global trafficDNS traffic detected: DNS query: pro.fontawesome.com
Source: global trafficDNS traffic detected: DNS query: threejs.org
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 20 Dec 2024 11:05:07 GMTContent-Type: application/jsonContent-Length: 26Connection: closeaccess-control-allow-origin: *vary: Accept-Encoding, Cookiestrict-transport-security: max-age=63072000; includeSubDomains; preloadcf-cache-status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjLkQaihFZ7nujCdjmJil8uqLb76TP0MsBJsOnoRDLZWGdce0NX5%2BeJ6enHdRTg5P3GvoeY9BIGyuiYRF%2B%2Bg3Jgi9CwyX5CyNvF98V0XkQGTYlABheMIm08UtrCsqWE%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f4f27cdc8817295-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1983&min_rtt=1975&rtt_var=758&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2829&recv_bytes=790&delivery_rate=1428571&cwnd=206&unsent_bytes=0&cid=e10943f663cbbb2c&ts=539&x=0"
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Length: 9379Server: GitHub.comContent-Type: text/html; charset=utf-8x-origin-cache: HITAccess-Control-Allow-Origin: *ETag: "64d39a40-24a3"Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'x-proxy-cache: MISSX-GitHub-Request-Id: 3B00:66412:8570E8:8FAD24:67654F6BAccept-Ranges: bytesAge: 0Date: Fri, 20 Dec 2024 11:05:15 GMTVia: 1.1 varnishX-Served-By: cache-ewr-kewr1740038-EWRX-Cache: MISSX-Cache-Hits: 0X-Timer: S1734692716.712867,VS0,VE13Vary: Accept-EncodingX-Fastly-Request-ID: 0073cb585fdb641b68763649683597c66d9c5f85
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129fy.ie.chalai.net
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://360kjedge.dh.softby.cn
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://360kjedge.xrccp.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://430360cs.yc.anhuang.net
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://511sllqdkj.yc.anhuang.net
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://511zdqdkj.yc.anhuang.net
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://608hyestn.yc.ceg29.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://625mressw.yc.ceg29.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://803hyescs.30bz.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://aldkj207.dh.softby.cn
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://aldkj827.xrccp.com
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778219856.000067D000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778219856.000067D000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
Source: msedgewebview2.exe, 00000002.00000002.4215441405.000067BC02984000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
Source: msedgewebview2.exe, 00000002.00000002.4215441405.000067BC02984000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750g
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692V
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778219856.000067D000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778219856.000067D000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
Source: msedgewebview2.exe, 00000002.00000002.4215441405.000067BC02984000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778219856.000067D000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
Source: msedgewebview2.exe, 00000002.00000002.4215441405.000067BC02984000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C0000D2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anticheat.ac/api/custom
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C0000D2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anticheat.ac/api/customgin:
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00022E000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C000164000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C000171000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C00000E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://anticheat.ac/api/customgui/T2I4I8O9.exe/
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://bd.gy912.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cdmg.yuchiweb.icu
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00023E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://click.dotmap.co.kr/?pf_code=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://df.edge.bdkj.bailiana.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://df.edge.qhkj.baicana.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://df.edge.zdkj.ker58.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://df.zm.zdkj.ker58.com
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://dongtaiwang.com/loc/phome.php?v=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://dongtaiwang.com/loc/phome.php?v=odo
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://game.whwuyan.cn
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://hao123.di178.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://hao123.di178.com/?r916
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://hao123kjedge.dh.softby.cn
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://jg.wangamela.com/tg
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mini.yyrtv.com/?from=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://navi.anhuiyunci.com
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://navi.programmea.com
Source: msedgewebview2.exe, 00000002.00000002.4208829370.000067BC023AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://permanently-removed.invalid/
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://permanently-removed.invalid/v1/accountcapabilities:batchGet
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r.emsoso.cn
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r.jgxqebp.cn
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://service.whchenxiang.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://sgcs.edge.ker58.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://sgkjedge.47gs.com
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1793494601.000067BC03F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4208553582.000067BC0237C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1801176121.000067BC03F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1871694340.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797543409.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797969122.000046B00110C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796821924.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797586101.000046B000794000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797498858.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797259057.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B0014AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797002773.000046B00152C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://threejs.org/examples/js/libs/stats.min.js
Source: msedgewebview2.exe, 00000002.00000002.4208553582.000067BC0237C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://threejs.org/examples/js/libs/stats.min.jsg
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tx.edge.ker58.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://vi.liveen.vn/p/home.html
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://web.113989.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://web.503188.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.4399.com/flash/32979.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.4399.com/flash/48399.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.4399.com/flash/seer.htm
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.dinoklafbzor.org
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.hao123.com.11818wz.com/?e
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://xt.tiantianbannixue.com
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4208829370.000067BC023AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://zn728.tdg68.com
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://123.sogou.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://17roco.qq.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://360.qrfq25sg.xyz
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4208829370.000067BC023AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://656a.com
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C00000E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anticheat.ac/api/customgui/T2I4I8O9.exe
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C0000D2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anticheat.ac/api/customgui/T2I4I8O9.exe/
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00022A000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anticheat.ac/api/customgui/T2I4I8O9.exe/C:
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4176277726.000000C00000E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://anticheat.ac/api/customgui/T2I4I8O9.exehttp://anticheat.ac/api/customgui/T2I4I8O9.exe/#
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ausu.lol
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ausu.lol.com
Source: msedgewebview2.exe, 00000002.00000002.4209413905.000067BC0240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://azureedge.net/
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://browser.360.cn/saas/index.html
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://browser.cloud.huawei.com.cn/pc
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.edog.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.int.designerapp.osi.office.net/
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.tailwindcss.com
Source: msedgewebview2.exe, 00000002.00000002.4223172880.000067BC02FB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.tailwindcss.com/
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://code.51.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://daohang.96zxue.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://de.withtls.net
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp-dogfood.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp-int.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp.azurewebsites.net/net//
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://dev.tg.wan.360.cn/?
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://discovery.lenovo.com.cn/home
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://discovery.lenovo.com.cn/home062291
Source: msedgewebview2.exe, 00000002.00000002.4210849270.000067BC024CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4218705162.000067BC02BEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://edge-conumer-static.azureedge.net/static/edropstatic/2023/09/13/2/static/css/main.ae43b158.c
Source: msedgewebview2.exe, 00000002.00000002.4210849270.000067BC024CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4222978424.000067BC02F80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://edge-conumer-static.azureedge.net/static/edropstatic/2023/09/13/2/static/js/main.2c5481de.js
Source: msedgewebview2.exe, 00000002.00000002.4208829370.000067BC023AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://edge.ilive.cn
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css2?family=Inter:wght
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.gstatic.com
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1793494601.000067BC03F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1801176121.000067BC03F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1871694340.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797543409.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796821924.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797586101.000046B000794000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797498858.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796750045.000046B00146C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797259057.000046B000788000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://frsecure.com/blog/windows-forensics-execution/
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gamebox.160.com/static
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://gcc.gnu.org/bugs/):
Source: msedgewebview2.exe, 00000002.00000002.4209413905.000067BC0240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
Source: msedgewebview2.exe, 00000002.00000002.4212290110.000067BC02728000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gostop.hangame.com/index.nhn?gameId=msduelgo&utm_source=msduelgo&utm_medium=icon&utm_campaig
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://h5.mcetab.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.cn/?a1004
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?360safe
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?a1004
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?a1111
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?h_lnk
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?installer
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?src=jsqth
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?src=lm&ls=
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?wd_xp1
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?y1001
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?y1002
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.360.com/?y1013
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.lenovo.ilive.cn
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.qq.com/?unc=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.qq.com/?unc=Af31026&s=o400493_1
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hk.eynbm.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hk.eynbm.comn
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hlj04.com
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ilive.lenovo.com.cn/?f=
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://int.msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://int.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://int1.msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://int1.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://internet-start.net/?
Source: msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://jg.awaliwa.com
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://jianjie.2345.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://kf.07073.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lenovo.ilive.cn
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lenovo.ilive.cn/?f=
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://localhost.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.partner.microsoftonline.cn/er
Source: msedgewebview2.exe, 00000002.00000002.4207741442.000067BC022F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lx.pub
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lx.pub/
Source: msedgewebview2.exe, 00000002.00000002.4180196176.000002685A0B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://malaysia.smar
Source: msedgewebview2.exe, 00000002.00000002.4180196176.000002685A0B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://malaysia.smarscreen.
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://microsoftstart.msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://microsoftstart.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mini.eastday.com/?qid=04433&rfstyle=qt
Source: msedgewebview2.exe, 00000002.00000002.4209413905.000067BC0240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4209413905.000067BC0240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://my.4399.com/yxmsdzls/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://news.4399.com/aoqi/
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://news.4399.com/aoyazhiguang/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://news.4399.com/hxjy/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://news.4399.com/pikatang/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://news.4399.com/qiu/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.cn/edge/ntp
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.www.office.com/
Source: msedgewebview2.exe, 00000002.00000002.4209413905.000067BC0240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
Source: msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.com/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4218217440.000067BC02B40000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.4173492063.00001BA400124000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/GetCheckConnectionInfo
Source: msedgewebview2.exe, 00000002.00000002.4208461587.000067BC02370000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/GetCheckConnectionInfo?source=ChromiumBrowser
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/ListAccounts?json=standard
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
Source: msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/reauth/chromeos
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/setup/chrome/usermenu
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/setup/kidsignin/chromeos
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/setup/kidsignup/chromeos
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/setup/v2/chromeos
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/setup/windows
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/embedded/xreauth/chrome
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop
Source: msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
Source: msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4210368750.000067BC02474000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
Source: msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/signin/chrome/sync?ssp=1
Source: msedgewebview2.exe, 00000002.00000002.4210573924.000067BC024A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/events
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
Source: msedgewebview2.exe, 00000002.00000002.4211998904.000067BC026AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1:GetHints
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00023E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://pro.fontawesome.com/releases/v6.0.0-beta1/css/all.css
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redian.mnjunshi.com/?qid=tpnews
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redian.mnjunshi.com/?qid=tpnewsy_pcuni
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://so.lenovo.com.cn
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssjj.4399.com/
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://start.jword.jp/?fr=slc
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tg.602.com
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tg.602.comom
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tj.xyhvip.cn
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tp.9377s.com
Source: msedgewebview2.exe, 00000002.00000003.1798800801.000002685F85B000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4194418534.000002685F8EF000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4187653232.000002685BF5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: msedgewebview2.exe, 00000002.00000003.1798800801.000002685F85B000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4194418534.000002685F8EF000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4187653232.000002685BF5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: msedgewebview2.exe, 00000002.00000003.1798800801.000002685F85B000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4194418534.000002685F8EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://unpkg.com/
Source: msedgewebview2.exe, 00000002.00000003.1801176121.000067BC03F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1871694340.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797543409.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797969122.000046B00110C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796821924.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797586101.000046B000794000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797498858.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796750045.000046B00146C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797259057.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B0014AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797002773.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1837515018.000046B0014AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1868074515.000046B0010CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797309283.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1908575303.000046B001310000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796871632.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1873487576.000046B00131C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://unpkg.com/aos
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://unpkg.com/ti
Source: Ocean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00023E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://unpkg.com/tippy.js
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4203353728.00007804002D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://unpkg.com/tix
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://web.sogou.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207831100.000067BC022FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.2345.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/100030_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10305_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10379.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10379_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/107884_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/109832_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/12669_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/127539_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130389_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130396.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130396_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/132028.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/133630_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/134302_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/136516_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/137116_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/137953_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/1382_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/145991_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/151915_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/155283_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/155476_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/15548_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/160944_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/163478_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/171322_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/173634_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/177937_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/17801_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18012.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18012_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/180977_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18169_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/187040_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/187228_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/188593.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/188739_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/189558_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/195673_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/195990_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198491_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198637_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198660_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/199408_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202061_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202574_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202604_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202692_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202724_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202785.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202819_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202828_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202901_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202907_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202911_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203018_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203093_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203152.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203153_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203154.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203166_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203178_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203215_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203231_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203231_4.htmhttps://www.4399.com/flash/203215_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203369_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203371_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203404_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203453_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203476_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203481_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203495_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203515_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203564_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203682_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203768_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204044_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204056_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204206.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204255_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204290_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204422_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204429_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204562_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204650_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204685_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204886_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204926_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204952_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204989_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205090_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205147.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205165.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205182.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205235_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205325_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205341_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205462_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205536_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205551_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205845_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/206114_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/206724_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/207195_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/207717_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/208107_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/209567_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/210650_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/212767_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/21552_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/216417_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/21674_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217370_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217603_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217622_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217629_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217706_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217815_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217844_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217855_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217926_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218066_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218162_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218717_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218860_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218939_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/220266_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221162_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221162_3.htmhttps://www.4399.com/flash/220266_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221700_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221839_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/222061_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/222151_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/222442_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/22287_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/223745.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/223745_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/225193_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/227465_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/230446_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/231814_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/27924.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/27924_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/32979_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/35538.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/35538_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/3881_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/3883_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/39379_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/40779_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/41193_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/42760_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/43689_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/43841_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/47931_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/48272_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/48504.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/48504_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/55146_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/59227_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/60369_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/6232_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/63805_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/65731_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/69112_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/69156_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/70215_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/72526_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/73386.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/776_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/79452_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/81895_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/83345_4.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/85646_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/87425_2.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/88902_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/90302_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/93015_1.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/93398_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/93551_3.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/yzzrhj.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/zmhj.htm
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.91duba.com/?
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.91duba.com/?f=
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/?tn=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/s?tn=15007414_9_dg&wd=
Source: msedgewebview2.exe, 00000002.00000002.4208013272.000067BC02328000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.catcert.net/verarrel
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.douyin.com/?ug_source=
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.flash.cn/success
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hao123.com/?tn=
Source: msedgewebview2.exe, 00000002.00000002.4212779156.000067BC0279C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.huobi.com/?utm_source=UT&utm_medium=prodnews&inviter_id=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iduba.com/sv.html?f=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.jiegeng.com
Source: msedgewebview2.exe, 00000002.00000003.1801176121.000067BC03F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1871694340.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797543409.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796821924.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797586101.000046B000794000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797498858.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796750045.000046B00146C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797259057.000046B000788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796632003.000046B0014AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797002773.000046B00152C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1837515018.000046B0014AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1797309283.000046B00078C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1796871632.000046B00078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.lemonsqueezy.com/privacy
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.microsoftnews.cn/
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.microsoftnews.com/
Source: msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.nate.com/?f=nateontb
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.newduba.cn/?
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.newduba.cn/?f=
Source: msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, Top Sites.2.drString found in binary or memory: https://www.office.com/
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.office.com/on.
Source: msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.office.com/w1
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.so.com/?src=
Source: msedgewebview2.exe, 00000002.00000002.4212779156.000067BC0279C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sogou.com/web?ie=
Source: msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.staging-bing-int.com/
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.startfenster.de
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.startseite24.net
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yxtg.3zwx.cn/tg/ttfc.html?sc=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yxtg.flamebird.cn/tg/ttfc.html?sc=
Source: msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yxtg.taojike.com.cn/tg/ttfc.html?sc=
Source: msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://zum.com/?af=
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: bad restart PCstopm spinningrandinit twicestore64 failedsemaRoot queuebad allocCountbad span statestack overflowno module dataneed more dataREQUEST_METHODOpenSCManagerWModule32FirstWunreachable: Pin not found.DefWindowProcWGetMessageTimeSetWindowTextWScreenToClientSetWindowLongWGetWindowLongWInvalidateRectClientToScreenCloseClipboardEmptyClipboardMapVirtualKeyWCallNextHookExEnableMenuItemGetMenuBarInfoGetMenuStringWHiliteMenuItemTrackPopupMenuRegSetValueExWRegDeleteTreeWControlServiceDwmEnableMMCSSDwmShowContactGetStockObjectGetPixelFormatSetPixelFormatSizeofResourceGetSystemTimesActivateActCtxCoInitializeExCoUninitializeSysAllocStringwglMakeCurrentDragQueryFileWDragQueryPointGdiplusStartupVerQueryValueWGetWindowTextACreateServiceWIsWellKnownSidMakeAbsoluteSDSetThreadTokenClearCommBreakClearCommErrorCreateEventExWCreateMutexExWGetTickCount64IsWow64ProcessLoadLibraryExWSetConsoleModeVirtualProtectVirtualQueryExGetShellWindowRCodeNameErrorResourceHeadermime/multipartdata truncatedEnumPageFilesWHalfClosedLocalapplication/pdfapplication/oggfont/collectionapplication/zipnegative updateaccept-encodingaccept-languagex-forwarded-fortrailers_pseudobad_path_methodAccept-Encodingrecv_rststream_Idempotency-KeyPartial ContentRequest TimeoutLength RequiredNot ImplementedGateway Timeoutunexpected typebad trailer keywrite error: %wGetProcessTimesDuplicateHandleadvertise errorkey has expirednetwork is downno medium foundno such processGetAdaptersInfoCreateHardLinkWDeviceIoControlFlushViewOfFileGetCommandLineWGetStartupInfoWProcess32FirstWUnmapViewOfFileFailed to load Failed to find MAQUINADEARMADOIsWindowVisible476837158203125invalid argSize<invalid Value>x509keypairleafrecord overflowbad certificatePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512ClientAuthType(unknown version: cannot parse ,M3.2.0,M11.1.0Accept-LanguageX-Forwarded-Formissing address/etc/mdns.allowunknown network()<>@,;:\"/[]?=allocmRInternalGC (fractional)write heap dumpasyncpreemptoffforce gc (idle)sync.Mutex.Lockruntime.Goschedmalloc deadlockruntime error: elem size wrongscan missed a gmisaligned maskbad panic stackrecovery failedstopm holding pstartm: m has ppreempt SPWRITEmissing mcache?randinit missedts set in timertraceback stuckImpersonateSelfOpenThreadTokenGetClassInfoExWShowWindowAsyncCreateWindowExWPostQuitMessageCallWindowProcWIsWindowEnabledDialogBoxParamWSwapMouseButtonMonitorFromRectGetMonitorInfoWGetRawInputDataGetActiveWindowCreatePopupMenuGetMenuItemRectInsertMenuItemWRegCreateKeyExWRegDeleteValueWDefSubclassProcGetEnhMetaFileWGetTextMetricsWPlayEnhMetaFileSetDCBrushColorFindNextStreamWDragAcceptFilesGdiplusShutdowndata before FINbad close code x509usepoliciesNtResumeProcessGetSecurityInfoSetSecurityInfoAddDllDirectoryFindNextVolumeWFindVolumeCloseGetCommTimeoutsIsWow64Process2QueryDosDeviceWSetCommTimeoutsSetVolumeLabelWRtlDefaultNpAclCLSIDFromStringStringFromGUID2IsWindowUnicodetimeBeginPeriodreflectlite.Set is unavailable0601021504Z0700invalid pointerjstmpllitinterptarinsecurepmemstr_0474eb90-f

System Summary

barindex
PE file contains section with special chars
Source: Ocean-T2I4I8O9.exeStatic PE information: section name: .ud}
Source: Ocean-T2I4I8O9.exeStatic PE information: section name: .WK\
Source: Ocean-T2I4I8O9.exeStatic PE information: Number of sections : 14 > 10
Source: classification engineClassification label: mal80.evad.mine.winEXE@14/148@19/10
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile created: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exeJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeMutant created: NULL
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile created: C:\Users\user\AppData\Local\Temp\51090fd7-de28-450d-b18f-d3538746d428.tmpJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: msedgewebview2.exe, 00000002.00000002.4192557444.000002685F675000.00000002.00000001.00040000.00000022.sdmp, Login Data.2.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: unknownProcess created: C:\Users\user\Desktop\Ocean-T2I4I8O9.exe "C:\Users\user\Desktop\Ocean-T2I4I8O9.exe"
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Ocean-T2I4I8O9.exe --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6592.5960.2910270123947271652
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:1Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: webview2loader.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: twinapi.dllJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kbdus.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mdmregistration.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mdmregistration.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: omadmapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dmcmnutils.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iri.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dsreg.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.ui.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windowmanagementapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: inputhost.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: propsys.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winsta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mscms.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coloradapterclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.security.authentication.web.core.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: devobj.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uiautomationcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: atlthunk.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: directmanipulation.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mf.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfplat.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rtworkq.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dolbydecmft.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfperfhelper.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwritecore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: vaultcli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: aadwamextension.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.web.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: microsoftaccountwamextension.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: tenantrestrictionsplugin.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netprofm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: npmproxy.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.userprofile.diagnosticssettings.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wevtapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: secur32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: bitsproxy.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ncryptprov.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mf.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfplat.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rtworkq.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dolbydecmft.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfperfhelper.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d12.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d12.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d12core.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxilconv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3dscache.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}\InProcServer32Jump to behavior
Source: Ocean-T2I4I8O9.exeStatic PE information: certificate valid
Source: Ocean-T2I4I8O9.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
Source: Ocean-T2I4I8O9.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: Ocean-T2I4I8O9.exeStatic file information: File size 6023056 > 1048576
Source: Ocean-T2I4I8O9.exeStatic PE information: Raw size of .WK\ is bigger than: 0x100000 < 0x5b8000
Source: initial sampleStatic PE information: section where entry point is pointing to: .WK\
Source: Ocean-T2I4I8O9.exeStatic PE information: section name: .xdata
Source: Ocean-T2I4I8O9.exeStatic PE information: section name: .ud}
Source: Ocean-T2I4I8O9.exeStatic PE information: section name: .2KL
Source: Ocean-T2I4I8O9.exeStatic PE information: section name: .WK\

Persistence and Installation Behavior

barindex
Installs new ROOT certificates
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior

Hooking and other Techniques for Hiding and Protection

barindex
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeMemory written: PID: 6592 base: 7FFE22370008 value: E9 EB D9 E9 FF Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeMemory written: PID: 6592 base: 7FFE2220D9F0 value: E9 20 26 16 00 Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeMemory written: PID: 6592 base: 7FFE2238000D value: E9 BB CB EB FF Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeMemory written: PID: 6592 base: 7FFE2223CBC0 value: E9 5A 34 14 00 Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior

Malware Analysis System Evasion

barindex
Tries to evade analysis by execution special instruction (VM detection)
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSpecial instruction interceptor: First address: 140E20564 instructions rdtsc caused by: RDTSC with Trap Flag (TF)
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\js FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\wasm FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\blob_storage\be267816-70e0-4a01-8095-e9b3264ddb8c FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Cache\Cache_Data FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\SCT Auditing Pending ReportsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\ef764e1a-48cf-424a-81b5-7dfcb68c6665.tmpJump to behavior
Source: msedgewebview2.exe, 00000002.00000002.4207741442.000067BC022F0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware
Source: msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware Virtual USB Mouse
Source: msedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=12bb1daf-b5c9-40b6-b4d0-487141a41e3c
Source: Ocean-T2I4I8O9.exe, 00000000.00000002.4147071221.000000000079C000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4178144437.000002685A03D000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.4156545775.000002582623F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeSystem information queried: ModuleInformationJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess information queried: ProcessInformationJump to behavior

Anti Debugging

barindex
Hides threads from debuggers
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeThread information set: HideFromDebuggerJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeThread information set: HideFromDebuggerJump to behavior
Tries to detect debuggers (CloseHandle check)
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeHandle closed: DEADC0DE
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess queried: DebugPortJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess queried: DebugObjectHandleJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess queried: DebugObjectHandleJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess queried: DebugObjectHandleJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess queried: DebugPortJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess token adjusted: DebugJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtOpenFile: Direct from: 0x140C8DA5AJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x140A14A17Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtSetInformationThread: Direct from: 0x140C5A899Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x140C6B35DJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtQueryInformationProcess: Direct from: 0x140E0AAC8Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x140A5A18AJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtQueryInformationProcess: Direct from: 0x140A5D9B0Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtSetInformationThread: Direct from: 0x140E07F06Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Indirect: 0x1408C9E37Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtUnmapViewOfSection: Direct from: 0x140A1FEE1Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x140CE1B8FJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x1408F2CF5Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtQueryInformationProcess: Direct from: 0x140CD1F8EJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x140CDB738Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x140C4D676Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtSetInformationProcess: Direct from: 0x140CB4765Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeNtProtectVirtualMemory: Direct from: 0x1408D4697Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:1Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2Jump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=ocean-t2i4i8o9.exe --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=mojoipcz --mojo-named-platform-channel-pipe=6592.5960.2910270123947271652
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:1Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\ocean-t2i4i8o9.exe\ebwebview" --webview-exe-name=ocean-t2i4i8o9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=mojoipcz /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\Ocean-T2I4I8O9.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Command and Scripting Interpreter		1
DLL Side-Loading		11
Process Injection		1
Masquerading		1
Credential API Hooking		1
Query Registry		Remote Services1
Credential API Hooking		1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Abuse Elevation Control Mechanism		1
Modify Registry		11
Input Capture		311
Security Software Discovery		Remote Desktop Protocol11
Input Capture		3
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Side-Loading		11
Virtualization/Sandbox Evasion		Security Account Manager11
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive4
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
Process Injection		NTDS1
Process Discovery		Distributed Component Object ModelInput Capture15
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Abuse Elevation Control Mechanism		LSA Secrets1
Remote System Discovery		SSHKeylogging1
Proxy		Scheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Install Root Certificate		Cached Domain Credentials1
File and Directory Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading		DCSync124
System Information Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1578770 Sample: Ocean-T2I4I8O9.exe Startdate: 20/12/2024 Architecture: WINDOWS Score: 80 48 anticheat.ac 2->48 52 PE file contains section with special chars 2->52 54 AI detected suspicious sample 2->54 8 Ocean-T2I4I8O9.exe 2->8         started        signatures3 process4 dnsIp5 50 anticheat.ac 104.21.13.90, 443, 49732, 49733 CLOUDFLARENETUS United States 8->50 56 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 8->56 58 Installs new ROOT certificates 8->58 60 Found Tor onion address 8->60 62 4 other signatures 8->62 12 msedgewebview2.exe 33 211 8->12         started        signatures6 process7 file8 34 e557a40d-460e-4cdd-a10e-40f85bb60c76.tmp, JSON 12->34 dropped 36 d717a500-8266-4674-9c9f-46e167188fc4.tmp, JSON 12->36 dropped 38 a9d34ddb-5123-4436-9fab-40681ed3cc1d.tmp, JSON 12->38 dropped 40 68 other malicious files 12->40 dropped 64 Found strings related to Crypto-Mining 12->64 16 msedgewebview2.exe 18 12->16         started        20 msedgewebview2.exe 12->20         started        22 msedgewebview2.exe 12->22         started        24 3 other processes 12->24 signatures9 process10 dnsIp11 42 151.101.129.229, 443, 49751 FASTLYUS United States 16->42 44 jsdelivr.map.fastly.net 151.101.65.229, 49747, 49749, 80 FASTLYUS United States 16->44 46 9 other IPs or domains 16->46 26 e5ac0635-b190-4c79-8764-70e72f53c65d.tmp, JSON 16->26 dropped 28 C:\Users\user\AppData\...\Trust Tokens, SQLite 16->28 dropped 30 C:\Users\user\...\Sdch Dictionaries (copy), JSON 16->30 dropped 32 7 other malicious files 16->32 dropped file12

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Ocean-T2I4I8O9.exe4%VirustotalBrowse
Ocean-T2I4I8O9.exe3%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
anticheat.ac
104.21.13.90
truefalse
    		unknown
    jsdelivr.map.fastly.net
    		151.101.65.229
    		truefalse
      		high
      chrome.cloudflare-dns.com
      		162.159.61.3
      		truefalse
        		high
        threejs.org
        		185.199.108.153
        		truefalse
          		high
          cdn.tailwindcss.com
          		172.67.41.16
          		truefalse
            		high
            unpkg.com
            		104.17.248.203
            		truefalse
              		high
              cdn.jsdelivr.net
              		unknown
              		unknownfalse
                		high
                pro.fontawesome.com
                		unknown
                		unknownfalse
                  		high

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  http://anticheat.ac/api/customgui/T2I4I8O9.exe/false
                    		unknown
                    https://threejs.org/examples/js/libs/stats.min.jsfalse
                      		high
                      https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.jsfalse
                        		high
                        https://cdn.tailwindcss.com/3.4.16false
                          		high

                          URLs from Memory and Binaries

                          NameSourceMaliciousAntivirus DetectionReputation
                          http://web.503188.com/?msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                            		unknown
                            https://hao.360.com/?installermsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                              		high
                              http://www.4399.com/flash/32979.htmmsedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpfalse
                                		high
                                http://anglebug.com/5750gmsedgewebview2.exe, 00000002.00000002.4215441405.000067BC02984000.00000004.00000800.00020000.00000000.sdmpfalse
                                  		unknown
                                  https://unpkg.com/tippy.jsOcean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00023E000.00000004.00001000.00020000.00000000.sdmpfalse
                                    		high
                                    http://hao123.di178.com/?r916msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		unknown
                                      https://www.4399.com/flash/180977_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		high
                                        https://tg.602.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		unknown
                                          https://www.4399.com/flash/127539_4.htmmsedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		high
                                            http://anglebug.com/4633msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		high
                                              https://anglebug.com/7382msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		high
                                                https://permanently-removed.invalid/v1/eventsmsedgewebview2.exe, 00000002.00000002.4210573924.000067BC024A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  https://www.4399.com/flash/205462_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://www.4399.com/flash/145991_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://ntp.msn.cn/edge/ntpmsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://malaysia.smarmsedgewebview2.exe, 00000002.00000002.4180196176.000002685A0B8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		unknown
                                                          https://www.4399.com/flash/39379_2.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://www.office.com/on.msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://www.4399.com/flash/55146_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://threejs.org/examples/js/libs/stats.min.jsgmsedgewebview2.exe, 00000002.00000002.4208553582.000067BC0237C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://tg.602.comommsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		unknown
                                                                    https://www.4399.com/flash/195673_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://www.microsoftnews.cn/msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		unknown
                                                                        https://kf.07073.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          https://permanently-removed.invalid/v1:GetHintsmsedgewebview2.exe, 00000002.00000002.4211998904.000067BC026AC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            https://www.4399.com/flash/18012.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://bd.gy912.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                https://www.91duba.com/?f=msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  http://anglebug.com/6929msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://www.4399.com/flash/217926_2.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://www.4399.com/flash/218860_1.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://anglebug.com/7246msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.4399.com/flash/27924_2.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://int.msn.cn/msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://anglebug.com/7369msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://anglebug.com/7489msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://www.office.com/w1msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://unitedstates1.ss.wd.microsoft.us/msedgewebview2.exe, 00000002.00000003.1798800801.000002685F85B000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4194418534.000002685F8EF000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4187653232.000002685BF5A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://www.4399.com/flash/18012_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://www.newduba.cn/?msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          https://www.4399.com/flash/48504.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://df.edge.qhkj.baicana.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://tp.9377s.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		unknown
                                                                                                                https://pro.fontawesome.com/releases/v6.0.0-beta1/css/all.cssOcean-T2I4I8O9.exe, 00000000.00000003.1777946058.0000780400658000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000356000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002D2000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000240000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1777390300.000078040064C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1788251185.000078040060C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4159791862.0000000049D50000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C0002A4000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4198935551.000000C000280000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778523150.0000780400670000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4163019359.0000000140363000.00000002.00000001.01000000.00000003.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778313221.0000780400664000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779138595.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4151253237.0000000000CA6000.00000004.00000020.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780804126.0000780400688000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1778622995.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1781427690.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C000246000.00000004.00001000.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1780628181.000078040067C000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000003.1779307146.00007804006A0000.00000004.00000800.00020000.00000000.sdmp, Ocean-T2I4I8O9.exe, 00000000.00000002.4195526480.000000C00023E000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://permanently-removed.invalid/v1/issuetokenmsedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://anglebug.com/4722msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://permanently-removed.invalid/reauth/v1beta/users/msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://permanently-removed.invalid/msedgewebview2.exe, 00000002.00000002.4208829370.000067BC023AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          http://r.emsoso.cnmsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		unknown
                                                                                                                            https://permanently-removed.invalid/embedded/setup/chrome/usermenumsedgewebview2.exe, 00000002.00000002.4207275057.000067BC02274000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1869630032.000046B0009BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              https://www.4399.com/flash/zmhj.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://www.4399.com/flash/69156_1.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://www.4399.com/flash/776_1.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    http://129fy.ie.chalai.netmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      https://www.4399.com/flash/198637_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://www.4399.com/flash/133630_4.htmmsedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          http://sgcs.edge.ker58.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		unknown
                                                                                                                                            https://permanently-removed.invalid/RotateBoundCookiesmsedgewebview2.exe, 00000002.00000002.4206525440.000067BC02228000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://www.4399.com/flash/218717_2.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://www.4399.com/flash/136516_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://www.4399.com/flash/203215_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://www.4399.com/flash/207195_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      http://anglebug.com/3502msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://discovery.lenovo.com.cn/home062291msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://www.newduba.cn/?f=msedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            https://hao.360.com/?src=jsqthmsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://designerapp-int.azurewebsites.net/msedgewebview2.exe, 00000002.00000002.4209812040.000067BC02428000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown
                                                                                                                                                                https://my.4399.com/yxmsdzls/msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://www.4399.com/flash/217855_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://anglebug.com/3862msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://yxtg.taojike.com.cn/tg/ttfc.html?sc=msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		unknown
                                                                                                                                                                        http://anglebug.com/4836msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://issuetracker.google.com/issues/166475273msedgewebview2.exe, 00000002.00000002.4220852371.000067BC02DDC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://www.4399.com/flash/21674_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://www.4399.com/flash/204650_1.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://localhost.msn.com/msedgewebview2.exe, 00000002.00000002.4212088904.000067BC026BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1859723999.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1788772192.000046B000898000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1887630441.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1848524201.000046B000888000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1888401292.000046B000888000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  https://www.4399.com/flash/203369_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.jiegeng.commsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      https://internet-start.net/?msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://www.4399.com/flash/35538.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://outlook.com/msedgewebview2.exe, 00000002.00000002.4207647601.000067BC022D4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://www.4399.com/flash/218066_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://www.4399.com/flash/6232_3.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://www.4399.com/flash/195990_1.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://www.4399.com/flash/12669_4.htmmsedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://www.4399.com/flash/204056_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://anglebug.com/3970msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778243081.000067D000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://www.4399.com/flash/205090_2.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://www.startfenster.demsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            https://www.4399.com/flash/10379_3.htmmsedgewebview2.exe, 00000002.00000002.4212684128.000067BC02784000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://www.4399.com/flash/203018_4.htmmsedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://malaysia.smarscreen.msedgewebview2.exe, 00000002.00000002.4180196176.000002685A0B8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                  http://tx.edge.ker58.commsedgewebview2.exe, 00000002.00000002.4212963865.000067BC027D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://www.so.com/?src=msedgewebview2.exe, 00000002.00000002.4212869414.000067BC027B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://anglebug.com/5901msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778274968.000067D000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778346425.000067D00017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        http://anglebug.com/3965msedgewebview2.exe, 00000002.00000002.4218415265.000067BC02B88000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781542003.000067BC02ED0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1781581350.000067BC02F54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778388193.000067D0001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1791322367.000067D000188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1778540309.000067D0001C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high

                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                          104.21.13.90
                                                                                                                                                                                                                          		anticheat.acUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          172.67.41.16
                                                                                                                                                                                                                          		cdn.tailwindcss.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          104.17.248.203
                                                                                                                                                                                                                          		unpkg.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          151.101.129.229
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		54113FASTLYUSfalse
                                                                                                                                                                                                                          151.101.65.229
                                                                                                                                                                                                                          		jsdelivr.map.fastly.netUnited States
                                                                                                                                                                                                                          		54113FASTLYUSfalse
                                                                                                                                                                                                                          185.199.111.153
                                                                                                                                                                                                                          		unknownNetherlands
                                                                                                                                                                                                                          		54113FASTLYUSfalse
                                                                                                                                                                                                                          162.159.61.3
                                                                                                                                                                                                                          		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          185.199.108.153
                                                                                                                                                                                                                          		threejs.orgNetherlands
                                                                                                                                                                                                                          		54113FASTLYUSfalse
                                                                                                                                                                                                                          172.64.41.3
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse

                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                          Analysis ID:1578770
                                                                                                                                                                                                                          Start date and time:2024-12-20 12:04:07 +01:00
                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                          Overall analysis duration:0h 9m 27s
                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                          Number of analysed new started processes analysed:16
                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                          Sample name:Ocean-T2I4I8O9.exe
                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                          Classification:mal80.evad.mine.winEXE@14/148@19/10
                                                                                                                                                                                                                          EGA Information:Failed
                                                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                                                          • Successful, ratio: 100%
                                                                                                                                                                                                                          • Number of executed functions: 0
                                                                                                                                                                                                                          • Number of non-executed functions: 0
                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                          • Found application associated with file extension: .exe
                                                                                                                                                                                                                          • Override analysis time to 240s for sample files taking high CPU consumption

                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 13.107.42.16, 172.217.17.42, 142.250.181.99, 172.64.147.188, 104.18.40.68, 204.79.197.239, 13.107.21.239, 142.250.176.195, 23.218.208.109, 20.12.23.50, 142.251.40.131, 13.107.246.63
                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): pro.fontawesome.com.cdn.cloudflare.net, edge-microsoft-com.dual-a-0036.a-msedge.net, fonts.googleapis.com, fs.microsoft.com, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, otelrules.azureedge.net, fonts.gstatic.com, ctldl.windowsupdate.com, edge.microsoft.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, ocsps.ssl.com, l-0007.config.skype.com, config-edge-skype.l-0007.l-msedge.net, msedge.b.tlu.dl.delivery.mp.microsoft.com, www.gstatic.com, l-0007.l-msedge.net, config.edge.skype.com, dual-a-0036.a-msedge.net
                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtEnumerateValueKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                          No simulations

                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          172.67.41.16https://cdn.tailwindcss.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            https://connexion-espacesclients.support/gkm/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                              https://www.mobaps.euGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                https://activationmail-setupmailvalidationonlineaaosaiaosuaos.es/all/?e=bWpiQGhvbWVwYWdlYXBpLmNvbQ==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                  https://www.google.it/url?q=https://www.google.it/url?q=https://www.google.it/url?q=https://www.google.ro/url?q=https://digitalplatform-admin-p.azurewebsites.net/external-link/?targetURL=https://www.google.nl/url?q=ZFCKQSES42J831UCOWMB4MEAK36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25SERIAL%2525wDnNeW8yycT&sa=t&esrc=nNeW8F%25SERIAL%2525A0xys8Em2FL&source=&cd=tS6T8%25SERIAL%2525Tiw9XH&cad=XpPkDfJX%25SERIAL%2525VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/www.monument-funerar.ro/admin/view/image/payment/#test@example.deGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                    https://uymtnxoiutrbebdxcfngvhbjnklijuygtfbrdxevfcgvhbjn.b-cdn.net/updatinggeneral004/index.html?b=Y3VzdG9tZXJzZXJ2aWNldGVhbUB3YWl0cm9zZS5jby51aw==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                      https://uymtnxoiutrbebdxcfngvhbjnklijuygtfbrdxevfcgvhbjn.b-cdn.net/updatinggeneral004/index.html?b=Y3VzdG9tZXJzZXJ2aWNldGVhbUB3YWl0cm9zZS5jby51aw==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        https://uguroglu.com.tr/?uid=&psi=2410&c=E,1,gjTnlRdeljjKOCq2F4L5rlfgPqKxMiFp-FJVXZPBydkyE5NmL8Iwwk1INRX72TKXqRpDe31FdoKURWMjaJNyGY8ULlpJ25wFSgrCOSUa14j0sjpkSME,&typo=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          https://fastsoluudapppmigratee.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            http://usqa.ykbzlxs.xyz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                              104.17.248.203http://ebaumsworld.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                https://su.onamoc.comano.us/XcEhOOWF1eS9pVi9RYkVJUURCV1RYR0RGd2dHRjNGcUhDdkhxWFpsdUp1UWlVZk83UmwwZjIrYmdvdzh3aFZ3V1NpdnFZTG4zSE16TDBDYU5yc2hZVWQ3UU1GNHRON29GNEpZZkN6SGY0Nk8rdVp2U2tOWmNQbDNnZ0lyalR3OXBmeDlrU0FLKzlVeHI4YXk2YUFmaTRMUUR5TkhWNlhtSzMwQ2IrcU16UzRXUWROZDFlc3k0aldiNy0td25BVUltZUhhSGpCZG5tRS0tN1VocVZyWm1JT2tITW5yVjN4YWNxdz09?cid=2310889346Get hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                  https://addto.password.land/XTi9aSHpxMU9CSkxBVXRhNGJhTWRLelpoTjl5MHNEUndKbFN6WU9rV1E1QnF0azRVN1Z3OEFWTE0rd0NldXVBQ3QyUGw3NXpZcDNMMHZ3QklHeU5CYzJBSmowVWUzYlJtS1FOZlBKQzNHRkV5dDRZckdUSHVVZ1h3VGRxL2VNZkw3RDBlOS9rSTYvK3FOU2UwdUd2OFA0KzZWaWc4ZmMrMzhaTnBpSzc3aU55UVlxUnlKZXRwdm9nPS0td0ZVSjRCSTRJclFTRVBuVS0tc2h0a3RIa3J5VGJRUUt5NUZCdmxvdz09?cid=2310145655Get hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                    https://na01.safelinks.protection.outlook.com.url.protected-forms.com/XRDg1aXJTZEo3WnVjMi8rYmFSTlJrZUxJc2pYa2dEMjRmVzkrVm1KSjV2dmFMNjhRYVlhZzhQcGhVa3U0aGJMWjZjZDMzbmdQR3p2azkvT29vbzZYTW96OGE5a1A4c1UxRDdqMXRjTFY3S0c0aGRESzdvcmVmNXVVNEt3WjhyR2ppang0eWN2SGRvakNDK3h6MUg1T1BwNlZ1NVJjRjFPdisrUmV5cmpyRHNUSWtiRzBSRzRPa3hPa21UdkRaQ0dxc21yQk96dlU0K009LS11MEhPdmp1QjU2QWFUdjVDLS1Ubld1REU3SXI3TTJOeG1paVBDQ3pRPT0=?cid=2272549020Get hashmaliciousHTMLPhisher, KnowBe4Browse
                                                                                                                                                                                                                                                      https://2fa.com-token-auth.com/XLzgrdk01ellQd1gvQjlDc2VyNTJoRHlpQ0lSMHBKeFZZV0RyZ1Q3YUlVbENaRG50WDFzWjhWZTNmMllYNjZHN283dE8vOG02QklSQUZxNVRFUzZVRkovMnJ0YVZweExPcjhwdHlNdXRpbzhWVWJnZDdSbTVCSkhId0dHcjNzTkovc3F3MFV6eWFjdEZGNkpHTlVPdWxRTlVUOHZ6RUVGN3FlL2VVSzlzY09tVldDN2l2OVlFalZtWW9RPT0tLUpSRGZWdnhOOENBUTNhcGEtLUU0RE5seTEwRHZtK043c1QyOTFrV3c9PQ==?cid=2293130893Get hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                        http://ppc-overwatch.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          https://webconference.protected-forms.com/XUktQL21CbERuN3Ftbmk5UlBMbGhLNWU5aGswN2dIN014czFGV0c2YnRkQkFmNTh5T2RFZTJpSnRkYXZoMGdjMkR2Zk1JQXk1N0F1cFBQbTlZTjFJLzIyY0JXOG5RM2NtL3p3ZW5tSFhuUFdCdjFmRFhMSC9kVHErbytLbmdDeWVUL3hKcmkwaGh1NHJrbzV2UCszK0tOZ3RHb0FPdkN1cE5CMFZFQytIL2lBekM3dmFCTWhJckE9PS0tOFFraUx6Q2RGc1dJb0I0bi0taW9KaWdEQ3l6WnQ4Rmw2U29qT05Udz09?cid=2104653964Get hashmaliciousKnowBe4Browse
                                                                                                                                                                                                                                                            https://sewing-ladyltd.myshopify.com/sol?syclid=365862d9-5d6e-4a94-b401-31f50f547182Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              https://protect-us.mimecast.com/s/18vfCQWNWqS1V8BlCPhEHGoqRRGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                Alliance Bank Central Texas Open Benefits Enrollment.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  151.101.129.229http://valleyprohealth.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • cdn.jsdelivr.net/jquery.slick/1.5.1/slick-theme.css
                                                                                                                                                                                                                                                                  151.101.65.229https://whtt.termlicari.ru/HnkNbg/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    https://www.grapevine.org/join/next-gen-giving-circle-dcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      http://www.delinian.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        http://www.delinian.com/delinian-group-trading-companiesGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                          https://alluc.co/watch-movies/passengers.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                            Remit_Advice_SMKT_84655.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                              https://jzd.soundestlink.com/ce/c/675b6e1bfc42b5dba74070ce/675b749b3d33226215120f3d/675b74b8f9a08fb1fbb286b7?signature=81a859d5cb272e6f3445dc5d43d3615d4aeb95f10d42be0925098a8a87224f29Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                https://poplast-poplast.powerappsportals.com/?e=e83cfd89&h=e7e60467&f=y&p=y&l=1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  http://home45insurance.blogspot.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    https://idw.soundestlink.com/ce/c/675b7a96903a5335b119c33f/675b7ae33d33226215120f66/675b7afd057112d43b49094d?signature=7e9e7eead1b3f32bbe3709a667795cd47f753f0f46ed5e056831680ea81aa102Get hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                      Domains

                                                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                      cdn.tailwindcss.comhttps://drive.usercontent.google.com/u/0/uc?id=1-lzlsIQVVFZj1nVUNs7vmgIfcVZr8ZT3&export=downloadGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.20.144
                                                                                                                                                                                                                                                                                      https://cdn.tailwindcss.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.67.41.16
                                                                                                                                                                                                                                                                                      https://connexion-espacesclients.support/gkm/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.67.41.16
                                                                                                                                                                                                                                                                                      https://www.mobaps.euGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.21.144
                                                                                                                                                                                                                                                                                      https://activationmail-setupmailvalidationonlineaaosaiaosuaos.es/all/?e=bWpiQGhvbWVwYWdlYXBpLmNvbQ==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.21.144
                                                                                                                                                                                                                                                                                      Notice_Of_New_Remittance.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.20.144
                                                                                                                                                                                                                                                                                      https://u48346967.ct.sendgrid.net/ls/click?upn=u001.A0zc-2BEvyk1Wl-2FMpdhEZeKOri2-2FGgH2RTzsX65VEcnN5SaLyl0UT8OMFIJrPp3PpoUM6xY28FQ2N7ftppG5RudDteJXD3BQZCthiPi2c2ALFGlSPfhe-2FcxhcglgWUQb-2BQESuvSP1z-2Bm6yiScj3t94MRtf0LYKB9CrrSBugAIE2LYG8LmYpSkH60B-2FMZ3-2BrvjbSA4-2FMKq-2BcyWHr8EPqNcLYpXKIa0eXlisYAn-2BUQ7zduW7tl-2BbLdZxK7-2F64kDFJWjAhA5-2BQkfVJJJox5IXYuhbutR70TtJJBVXs1-2BGpCmHbl-2BDNTOjQhDGBdV0GcWgnTqzbjbnvsgf-2Be0TXvdX5Smk9Cf3e70Q9X7CCHEUK7n5Iz83JVMEOM-2Fand-2B23jD1RrWlwwdn356TAiWPO93YBbqf0SO77Y7wdjJ1b9FY9HkvpCMIajIk8oGDIkalcOsvDrkfpAsNhyAACh29yO16Fg-2FM5u3K-2FXbE9Ex7FVSxGjaaC9sm3ZFKCHARATSNuZ5Fje0JCvs-2FuHNf8MhNMkgfl0FBuxcFtouETvn8R0InFl5AtNwGS6Afu60jlKV5PLEF8GeumMl4Zuoh2K-2F2yPQclKc1crfKqXCOnUQUzOQ7UyIpV0r3b47s6ht1AVAEPjV3zoZw9RLpCyXdGkoI8n06eY007Qg9WwLvy7We-2BQcl-2FyYQ4K56RiNFy6ideRccN4rvz5rlbEO4SM2GPwiXl06aWh1Z8A-3D-3DayVm_7jfNTkQybv-2BVetjXJenftZxQwKjBczDJqHH7EaznqVv3v2Dkt-2FIgZwJNXIp-2FyMqSeIPtfO34Zh0BJrBXMe8iDwc4F5cynKVd9U-2BCWNvBhYWndn5YPpcrm9EU-2BINyUV9MYoGCAzxOgZamtaAmmSvzUZGau9tG0E7vfYFw2WK2ssr4DmY5GXF-2BgMFUeEjp9HrYndaGnf0PXO4kOxtTViX7PlJWm1KFcSCvZKxLAfO2BkacR3B5XEdLDYpCUp92-2FH-2FHkhtVIRx1yIxGh6p91O9ZVon-2F9iC9RT46lS0PoWolD8OcxI1a8fShT6Hp4QWQfdHwSEy80yGx3wt6ImkGF4v9TXkQs-2Fsq-2FVFPoSnqaJLrItk8v5xWRdhyDRHKG-2BDTjP6JA9QphZ2npWlpDplGG-2B7VPrWDZBnEu36loOA6wRajUleT-2BwoMeGN4STY52Ur27KRveKCJr82irXKChZwqe-2BaUbmDOUwyLdpuYgAFKsd-2BPzSGCG9KIfFEO3qjrRe-2Ft9WxzxVxFb7rM1MFj1q2QSoqqpSZyyIO6o9dQWLpdkFrZCNwiV9o0NuRkda7B0vqLodHzU4jQ4E2ZVSRC2Gc87k08fCi-2BBF7Dmw-2F3-2FQYcQ-2BUHjUCqjlkaHmxOAI7-2FhdUS1Wb7BgsTAm-2Ft-2BvXBxupXitGd4JcEDUe0WuuxdFLUCWiEzHEB6DI0pZnKp0MjuL6t-2FHdSSyJSuzZQLJWoI1iWOBow7nssQ-2FtT6mq0c4kg9bIepJUAi8J12B9eClWiTZDtbREopSTPA0TrHAq8mBDFqCQ0MfGj13zUsahv2EEEPM5XcF8DfOVu-2BwcjmThtw28U2MS5BiDqE1Pwg-2BCEH40qmpHlF5lcXadw9ehGsQbMKc0VYqPjH2-2BLldks6uo-2Fln-2BeeieWNP8wXJfHHwtYJznNHWBqLw-3D-3DGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 104.22.20.144
                                                                                                                                                                                                                                                                                      https://www.google.it/url?q=https://www.google.it/url?q=https://www.google.it/url?q=https://www.google.ro/url?q=https://digitalplatform-admin-p.azurewebsites.net/external-link/?targetURL=https://www.google.nl/url?q=ZFCKQSES42J831UCOWMB4MEAK36T3IE7YuQiApLjODz3yh4nNeW8uuQi&rct=XS%25SERIAL%2525wDnNeW8yycT&sa=t&esrc=nNeW8F%25SERIAL%2525A0xys8Em2FL&source=&cd=tS6T8%25SERIAL%2525Tiw9XH&cad=XpPkDfJX%25SERIAL%2525VS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/www.monument-funerar.ro/admin/view/image/payment/#test@example.deGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 172.67.41.16
                                                                                                                                                                                                                                                                                      https://uymtnxoiutrbebdxcfngvhbjnklijuygtfbrdxevfcgvhbjn.b-cdn.net/updatinggeneral004/index.html?b=Y3VzdG9tZXJzZXJ2aWNldGVhbUB3YWl0cm9zZS5jby51aw==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.20.144
                                                                                                                                                                                                                                                                                      https://uymtnxoiutrbebdxcfngvhbjnklijuygtfbrdxevfcgvhbjn.b-cdn.net/updatinggeneral004/index.html?b=Y3VzdG9tZXJzZXJ2aWNldGVhbUB3YWl0cm9zZS5jby51aw==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.67.41.16
                                                                                                                                                                                                                                                                                      chrome.cloudflare-dns.comktyihkdfesf.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                                      pjthjsdjgjrtavv.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                                      invoice.docmGet hashmaliciousMetasploitBrowse
                                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                                      ep_setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousScreenConnect Tool, LummaC, Amadey, Cryptbot, LummaC Stealer, VidarBrowse
                                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                                      QhR8Zp6fZs.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                                      CNUXJvLcgw.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                                      xWpAZpLw47.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                                      File di reclamo per violazione del copyright File di reclamo per violazione del copyright.lnk.d.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.64.41.3
                                                                                                                                                                                                                                                                                      pM3fQBuTLy.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                      • 162.159.61.3
                                                                                                                                                                                                                                                                                      jsdelivr.map.fastly.nethttps://whtt.termlicari.ru/HnkNbg/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.65.229
                                                                                                                                                                                                                                                                                      https://ipfs.io/ipfs/bafybeih7f27bkklyai5zhnf5s57wuee5khsdrrblepmiz5bozrxxoam2lq/index12.html#pdeneve@vanas.euGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 151.101.129.229
                                                                                                                                                                                                                                                                                      https://www.grapevine.org/join/next-gen-giving-circle-dcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.65.229
                                                                                                                                                                                                                                                                                      http://bluepeak-group.com/fcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.1.229
                                                                                                                                                                                                                                                                                      Credit Card Authorization Form.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.129.229
                                                                                                                                                                                                                                                                                      https://adobe.blob.core.windows.net/adobe/adobe.html?sp=r&st=2024-12-17T20:58:07Z&se=2025-01-11T04:58:07Z&spr=https&sv=2022-11-02&sr=b&sig=vDeHaevGyq9deO2tRq9D03JLZreACGon6EF%2FhhJQk7s%3DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.1.229
                                                                                                                                                                                                                                                                                      https://6movies.stream/series/cobra-kai-80711/6-4/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.1.229
                                                                                                                                                                                                                                                                                      http://sdgfdjfgd19sdgfghfs.z33.web.core.windows.netGet hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                                                                                                      • 151.101.129.229
                                                                                                                                                                                                                                                                                      http://www.delinian.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.1.229
                                                                                                                                                                                                                                                                                      http://www.delinian.com/delinian-group-trading-companiesGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.65.229

                                                                                                                                                                                                                                                                                      ASNs

                                                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                      CLOUDFLARENETUSfile.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, PureLog Stealer, Stealc, zgRATBrowse
                                                                                                                                                                                                                                                                                      • 172.67.197.170
                                                                                                                                                                                                                                                                                      https://l.facebook.com/l.php?u=https%3A%2F%2Ft.me%2FPAWSOG_bot%2FPAWS%3Fstartapp%3Dy6XarDUx%26fbclid%3DIwZXh0bgNhZW0CMTAAAR3IsDSVMcBgD-KKIyBXkOWfUkEFRcacr_vOCRRmviPmkFBUb89K461Xors_aem_phLdcKrpf4KWQzIltAO6sg&h=AT0WVJB1xqSKqrvz6oCyiCr2S_kisddMHHYmkei4Ws2sbL4pRphOmNE4PXT0dksI9PktkcW4m87_ll8cIS3t1M10038szd68S2XeJYojq6dQAb2PNvHsZFU9AcnVKku-Ww&__tn__=R%5D-R&c%5B0%5D=AT333mRdaoK-Yj4Ygf4lXueSR8jJ8CACMU4jPPhyx4Dd8BU65ez-7IWN-rjEtxmQ4vnelW50DVCFSTPJgFIJWEEx8TitUX4wIVY-t-NciHl77nL94VWL9IfsUrTxvCQB2zyPBhLoYnhspB5Xwyppb4fz5drOP91P-bJPoqSIEG9eoaQFOXaOYJeNVBj8A6jTCbgB-MXs3Mr2iqYLeO7DnF-q9v0FShLlwJK2Dtzfkv1OxBm45LKEAXAPoI199zlXmZpVMznjGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 1.1.1.1
                                                                                                                                                                                                                                                                                      https://www.bacselearning.co.uk/learn/forgot-passwordGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.38.92
                                                                                                                                                                                                                                                                                      QUOTATION#008792.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                      • 104.26.13.205
                                                                                                                                                                                                                                                                                      Invoice DHL - AWB 2024 E4001 - 0000731.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                      • 104.21.67.152
                                                                                                                                                                                                                                                                                      https://click.pstmrk.it/3s/veed.io%2Fshare-video-link%3Ftoken%3DeyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MzQ2MzE2NDgsImlhdCI6MTczNDYzMDc0OCwic3ViIjoiZmY0NTdiM2MtYjI3MC00YzA0LWEwOTEtYjY3ZDJkOGQ3ZTU1Iiwicm9sZXMiOltdLCJraWQiOiJwcm9qZWN0cy92ZWVkLXByb2Qtc2VydmVyL2xvY2F0aW9ucy9ldXJvcGUtd2VzdDEva2V5UmluZ3MvdmVlZC1wcm9kLWtleXJpbmcvY3J5cHRvS2V5cy92ZWVkLXByb2QtandrLWtleS9jcnlwdG9LZXlWZXJzaW9ucy8xIiwiZmVhdHVyZXMiOnt9LCJzY29wZXMiOltdfQ.f-EtSCYYeQiR4cEb8w5ABF3koXpbxl8QeFIarADkLP6q32DzsnFZl76Y98Uad7M8RBPPuOQOV9SUbCY1hRa4IbqV9_4cTm0v7DuBTCKOZbHN1NiATZOGw2BzdEMqIEfnNo5A_H2_DLVQZLtd6sZzcRoNBzbmcq2_xlzWgmqIErGV0VYXIb-Vac1b-3wmAgIyE-VS7Cd5aHYtVyiV9T5HfrpjPl7-M6dLIaQqm6103z7gO_qoKow1qbFmNgGaUsQED1CHbqo-hCgXzib7NToyu0Qq4kSl-2NEzgLMKy1zFR2J0E0vr9FHirjR9fmmDF2nk76Ht8L2WbV-dRyXZBZaUikfojo56vYWI9cfSQrG_awuFNR0M1s6dpPwumDM8sXlMZYt4u5WZaNcRZynPHXeqNZcdwKhlZrFN0U3B3U7B69avz_FlMxw6Or_0aeJkUP5YZP3wH-IIbwwa6es37u8G7gWYINEfp-pJlKV7klV1CcskLf_53iNx7MtxgvAXLMNZJ2tnuxY8W6w_E-pchjpNP2I5NV2Ui2_bNSgl3kBuX3oWsX0m_wL3MZ39pE3paPp2FAIgQPpZ5a0BhmPYsMk2IPPel2dll8j1IYBwHsZ5a1IHsHA6gTMWkJl-uhAjN4mnXo7Om0NWRZvfFvatgA4YCoTXdntM31GIZxAyWF9a14%26postLoginUrl%3D%252Fview%252F3ab9b7be-178c-4289-b29e-75921856f7f5%252F/oMlP/0SC6AQ/AQ/15f5e010-d260-490a-9e5d-79f5643b5481/1/HSOO9aL291Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.66.0.227
                                                                                                                                                                                                                                                                                      wp-s2.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                                                                                                                      • 104.20.22.46
                                                                                                                                                                                                                                                                                      https://p.placed.com/api/v2/sync/impression?partner=barkley&plaid=0063o000014sWgoAAE&version=1.0&payload_campaign_identifier=71700000100870630&payload_timestamp=5943094174221506287&payload_type=impression&redirect=http%3A%2F%2Fgoogle.com%2Famp%2Fs%2Fgoal.com.co%2Fwp%2FpaymentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 104.16.123.96
                                                                                                                                                                                                                                                                                      YU SV Payment.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                                                      • 172.67.177.134
                                                                                                                                                                                                                                                                                      wp-s2.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                                                                                                                      • 104.20.22.46
                                                                                                                                                                                                                                                                                      CLOUDFLARENETUSfile.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, PureLog Stealer, Stealc, zgRATBrowse
                                                                                                                                                                                                                                                                                      • 172.67.197.170
                                                                                                                                                                                                                                                                                      https://l.facebook.com/l.php?u=https%3A%2F%2Ft.me%2FPAWSOG_bot%2FPAWS%3Fstartapp%3Dy6XarDUx%26fbclid%3DIwZXh0bgNhZW0CMTAAAR3IsDSVMcBgD-KKIyBXkOWfUkEFRcacr_vOCRRmviPmkFBUb89K461Xors_aem_phLdcKrpf4KWQzIltAO6sg&h=AT0WVJB1xqSKqrvz6oCyiCr2S_kisddMHHYmkei4Ws2sbL4pRphOmNE4PXT0dksI9PktkcW4m87_ll8cIS3t1M10038szd68S2XeJYojq6dQAb2PNvHsZFU9AcnVKku-Ww&__tn__=R%5D-R&c%5B0%5D=AT333mRdaoK-Yj4Ygf4lXueSR8jJ8CACMU4jPPhyx4Dd8BU65ez-7IWN-rjEtxmQ4vnelW50DVCFSTPJgFIJWEEx8TitUX4wIVY-t-NciHl77nL94VWL9IfsUrTxvCQB2zyPBhLoYnhspB5Xwyppb4fz5drOP91P-bJPoqSIEG9eoaQFOXaOYJeNVBj8A6jTCbgB-MXs3Mr2iqYLeO7DnF-q9v0FShLlwJK2Dtzfkv1OxBm45LKEAXAPoI199zlXmZpVMznjGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 1.1.1.1
                                                                                                                                                                                                                                                                                      https://www.bacselearning.co.uk/learn/forgot-passwordGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.38.92
                                                                                                                                                                                                                                                                                      QUOTATION#008792.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                      • 104.26.13.205
                                                                                                                                                                                                                                                                                      Invoice DHL - AWB 2024 E4001 - 0000731.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                      • 104.21.67.152
                                                                                                                                                                                                                                                                                      https://click.pstmrk.it/3s/veed.io%2Fshare-video-link%3Ftoken%3DeyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MzQ2MzE2NDgsImlhdCI6MTczNDYzMDc0OCwic3ViIjoiZmY0NTdiM2MtYjI3MC00YzA0LWEwOTEtYjY3ZDJkOGQ3ZTU1Iiwicm9sZXMiOltdLCJraWQiOiJwcm9qZWN0cy92ZWVkLXByb2Qtc2VydmVyL2xvY2F0aW9ucy9ldXJvcGUtd2VzdDEva2V5UmluZ3MvdmVlZC1wcm9kLWtleXJpbmcvY3J5cHRvS2V5cy92ZWVkLXByb2QtandrLWtleS9jcnlwdG9LZXlWZXJzaW9ucy8xIiwiZmVhdHVyZXMiOnt9LCJzY29wZXMiOltdfQ.f-EtSCYYeQiR4cEb8w5ABF3koXpbxl8QeFIarADkLP6q32DzsnFZl76Y98Uad7M8RBPPuOQOV9SUbCY1hRa4IbqV9_4cTm0v7DuBTCKOZbHN1NiATZOGw2BzdEMqIEfnNo5A_H2_DLVQZLtd6sZzcRoNBzbmcq2_xlzWgmqIErGV0VYXIb-Vac1b-3wmAgIyE-VS7Cd5aHYtVyiV9T5HfrpjPl7-M6dLIaQqm6103z7gO_qoKow1qbFmNgGaUsQED1CHbqo-hCgXzib7NToyu0Qq4kSl-2NEzgLMKy1zFR2J0E0vr9FHirjR9fmmDF2nk76Ht8L2WbV-dRyXZBZaUikfojo56vYWI9cfSQrG_awuFNR0M1s6dpPwumDM8sXlMZYt4u5WZaNcRZynPHXeqNZcdwKhlZrFN0U3B3U7B69avz_FlMxw6Or_0aeJkUP5YZP3wH-IIbwwa6es37u8G7gWYINEfp-pJlKV7klV1CcskLf_53iNx7MtxgvAXLMNZJ2tnuxY8W6w_E-pchjpNP2I5NV2Ui2_bNSgl3kBuX3oWsX0m_wL3MZ39pE3paPp2FAIgQPpZ5a0BhmPYsMk2IPPel2dll8j1IYBwHsZ5a1IHsHA6gTMWkJl-uhAjN4mnXo7Om0NWRZvfFvatgA4YCoTXdntM31GIZxAyWF9a14%26postLoginUrl%3D%252Fview%252F3ab9b7be-178c-4289-b29e-75921856f7f5%252F/oMlP/0SC6AQ/AQ/15f5e010-d260-490a-9e5d-79f5643b5481/1/HSOO9aL291Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.66.0.227
                                                                                                                                                                                                                                                                                      wp-s2.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                                                                                                                      • 104.20.22.46
                                                                                                                                                                                                                                                                                      https://p.placed.com/api/v2/sync/impression?partner=barkley&plaid=0063o000014sWgoAAE&version=1.0&payload_campaign_identifier=71700000100870630&payload_timestamp=5943094174221506287&payload_type=impression&redirect=http%3A%2F%2Fgoogle.com%2Famp%2Fs%2Fgoal.com.co%2Fwp%2FpaymentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 104.16.123.96
                                                                                                                                                                                                                                                                                      YU SV Payment.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                                                      • 172.67.177.134
                                                                                                                                                                                                                                                                                      wp-s2.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                                                                                                                      • 104.20.22.46
                                                                                                                                                                                                                                                                                      CLOUDFLARENETUSfile.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, PureLog Stealer, Stealc, zgRATBrowse
                                                                                                                                                                                                                                                                                      • 172.67.197.170
                                                                                                                                                                                                                                                                                      https://l.facebook.com/l.php?u=https%3A%2F%2Ft.me%2FPAWSOG_bot%2FPAWS%3Fstartapp%3Dy6XarDUx%26fbclid%3DIwZXh0bgNhZW0CMTAAAR3IsDSVMcBgD-KKIyBXkOWfUkEFRcacr_vOCRRmviPmkFBUb89K461Xors_aem_phLdcKrpf4KWQzIltAO6sg&h=AT0WVJB1xqSKqrvz6oCyiCr2S_kisddMHHYmkei4Ws2sbL4pRphOmNE4PXT0dksI9PktkcW4m87_ll8cIS3t1M10038szd68S2XeJYojq6dQAb2PNvHsZFU9AcnVKku-Ww&__tn__=R%5D-R&c%5B0%5D=AT333mRdaoK-Yj4Ygf4lXueSR8jJ8CACMU4jPPhyx4Dd8BU65ez-7IWN-rjEtxmQ4vnelW50DVCFSTPJgFIJWEEx8TitUX4wIVY-t-NciHl77nL94VWL9IfsUrTxvCQB2zyPBhLoYnhspB5Xwyppb4fz5drOP91P-bJPoqSIEG9eoaQFOXaOYJeNVBj8A6jTCbgB-MXs3Mr2iqYLeO7DnF-q9v0FShLlwJK2Dtzfkv1OxBm45LKEAXAPoI199zlXmZpVMznjGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 1.1.1.1
                                                                                                                                                                                                                                                                                      https://www.bacselearning.co.uk/learn/forgot-passwordGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 104.22.38.92
                                                                                                                                                                                                                                                                                      QUOTATION#008792.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                      • 104.26.13.205
                                                                                                                                                                                                                                                                                      Invoice DHL - AWB 2024 E4001 - 0000731.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                      • 104.21.67.152
                                                                                                                                                                                                                                                                                      https://click.pstmrk.it/3s/veed.io%2Fshare-video-link%3Ftoken%3DeyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MzQ2MzE2NDgsImlhdCI6MTczNDYzMDc0OCwic3ViIjoiZmY0NTdiM2MtYjI3MC00YzA0LWEwOTEtYjY3ZDJkOGQ3ZTU1Iiwicm9sZXMiOltdLCJraWQiOiJwcm9qZWN0cy92ZWVkLXByb2Qtc2VydmVyL2xvY2F0aW9ucy9ldXJvcGUtd2VzdDEva2V5UmluZ3MvdmVlZC1wcm9kLWtleXJpbmcvY3J5cHRvS2V5cy92ZWVkLXByb2QtandrLWtleS9jcnlwdG9LZXlWZXJzaW9ucy8xIiwiZmVhdHVyZXMiOnt9LCJzY29wZXMiOltdfQ.f-EtSCYYeQiR4cEb8w5ABF3koXpbxl8QeFIarADkLP6q32DzsnFZl76Y98Uad7M8RBPPuOQOV9SUbCY1hRa4IbqV9_4cTm0v7DuBTCKOZbHN1NiATZOGw2BzdEMqIEfnNo5A_H2_DLVQZLtd6sZzcRoNBzbmcq2_xlzWgmqIErGV0VYXIb-Vac1b-3wmAgIyE-VS7Cd5aHYtVyiV9T5HfrpjPl7-M6dLIaQqm6103z7gO_qoKow1qbFmNgGaUsQED1CHbqo-hCgXzib7NToyu0Qq4kSl-2NEzgLMKy1zFR2J0E0vr9FHirjR9fmmDF2nk76Ht8L2WbV-dRyXZBZaUikfojo56vYWI9cfSQrG_awuFNR0M1s6dpPwumDM8sXlMZYt4u5WZaNcRZynPHXeqNZcdwKhlZrFN0U3B3U7B69avz_FlMxw6Or_0aeJkUP5YZP3wH-IIbwwa6es37u8G7gWYINEfp-pJlKV7klV1CcskLf_53iNx7MtxgvAXLMNZJ2tnuxY8W6w_E-pchjpNP2I5NV2Ui2_bNSgl3kBuX3oWsX0m_wL3MZ39pE3paPp2FAIgQPpZ5a0BhmPYsMk2IPPel2dll8j1IYBwHsZ5a1IHsHA6gTMWkJl-uhAjN4mnXo7Om0NWRZvfFvatgA4YCoTXdntM31GIZxAyWF9a14%26postLoginUrl%3D%252Fview%252F3ab9b7be-178c-4289-b29e-75921856f7f5%252F/oMlP/0SC6AQ/AQ/15f5e010-d260-490a-9e5d-79f5643b5481/1/HSOO9aL291Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 172.66.0.227
                                                                                                                                                                                                                                                                                      wp-s2.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                                                                                                                      • 104.20.22.46
                                                                                                                                                                                                                                                                                      https://p.placed.com/api/v2/sync/impression?partner=barkley&plaid=0063o000014sWgoAAE&version=1.0&payload_campaign_identifier=71700000100870630&payload_timestamp=5943094174221506287&payload_type=impression&redirect=http%3A%2F%2Fgoogle.com%2Famp%2Fs%2Fgoal.com.co%2Fwp%2FpaymentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 104.16.123.96
                                                                                                                                                                                                                                                                                      YU SV Payment.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                                                      • 172.67.177.134
                                                                                                                                                                                                                                                                                      wp-s2.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                                                                                                                      • 104.20.22.46
                                                                                                                                                                                                                                                                                      FASTLYUShttps://click.pstmrk.it/3s/veed.io%2Fshare-video-link%3Ftoken%3DeyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MzQ2MzE2NDgsImlhdCI6MTczNDYzMDc0OCwic3ViIjoiZmY0NTdiM2MtYjI3MC00YzA0LWEwOTEtYjY3ZDJkOGQ3ZTU1Iiwicm9sZXMiOltdLCJraWQiOiJwcm9qZWN0cy92ZWVkLXByb2Qtc2VydmVyL2xvY2F0aW9ucy9ldXJvcGUtd2VzdDEva2V5UmluZ3MvdmVlZC1wcm9kLWtleXJpbmcvY3J5cHRvS2V5cy92ZWVkLXByb2QtandrLWtleS9jcnlwdG9LZXlWZXJzaW9ucy8xIiwiZmVhdHVyZXMiOnt9LCJzY29wZXMiOltdfQ.f-EtSCYYeQiR4cEb8w5ABF3koXpbxl8QeFIarADkLP6q32DzsnFZl76Y98Uad7M8RBPPuOQOV9SUbCY1hRa4IbqV9_4cTm0v7DuBTCKOZbHN1NiATZOGw2BzdEMqIEfnNo5A_H2_DLVQZLtd6sZzcRoNBzbmcq2_xlzWgmqIErGV0VYXIb-Vac1b-3wmAgIyE-VS7Cd5aHYtVyiV9T5HfrpjPl7-M6dLIaQqm6103z7gO_qoKow1qbFmNgGaUsQED1CHbqo-hCgXzib7NToyu0Qq4kSl-2NEzgLMKy1zFR2J0E0vr9FHirjR9fmmDF2nk76Ht8L2WbV-dRyXZBZaUikfojo56vYWI9cfSQrG_awuFNR0M1s6dpPwumDM8sXlMZYt4u5WZaNcRZynPHXeqNZcdwKhlZrFN0U3B3U7B69avz_FlMxw6Or_0aeJkUP5YZP3wH-IIbwwa6es37u8G7gWYINEfp-pJlKV7klV1CcskLf_53iNx7MtxgvAXLMNZJ2tnuxY8W6w_E-pchjpNP2I5NV2Ui2_bNSgl3kBuX3oWsX0m_wL3MZ39pE3paPp2FAIgQPpZ5a0BhmPYsMk2IPPel2dll8j1IYBwHsZ5a1IHsHA6gTMWkJl-uhAjN4mnXo7Om0NWRZvfFvatgA4YCoTXdntM31GIZxAyWF9a14%26postLoginUrl%3D%252Fview%252F3ab9b7be-178c-4289-b29e-75921856f7f5%252F/oMlP/0SC6AQ/AQ/15f5e010-d260-490a-9e5d-79f5643b5481/1/HSOO9aL291Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 199.232.168.157
                                                                                                                                                                                                                                                                                      https://p.placed.com/api/v2/sync/impression?partner=barkley&plaid=0063o000014sWgoAAE&version=1.0&payload_campaign_identifier=71700000100870630&payload_timestamp=5943094174221506287&payload_type=impression&redirect=http%3A%2F%2Fgoogle.com%2Famp%2Fs%2Fgoal.com.co%2Fwp%2FpaymentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 151.101.2.137
                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, PureLog Stealer, RHADAMANTHYS, zgRATBrowse
                                                                                                                                                                                                                                                                                      • 185.199.110.133
                                                                                                                                                                                                                                                                                      https://us-east-2.protection.sophos.com/?d=purogosouls.github.io&u=aHR0cHM6Ly9wdXJvZ29zb3Vscy5naXRodWIuaW8vNjRkczZmNHM5ZDRmODlzZDRzZjQ2c2Q0ZjYv&i=NWQ0M2E1N2M3M2U5MzQxMGM1NjBhNmQ1&t=dEtlN04wQWZmZ0hqZlpiZEYwVXZ4NHFvc2NQNGtsUWl4Unlndk5helZOaz0=&h=356f16f6a39049efa5b305c7477e094a&s=AVNPUEhUT0NFTkNSWVBUSVZaHP6eDnex344kFPbGkNGwPXEfGJHtcvdIV0gRc1_JzA%20us-east-2.protection.sophos.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 151.101.130.137
                                                                                                                                                                                                                                                                                      Dec 2024_12192924_Image.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 151.101.194.137
                                                                                                                                                                                                                                                                                      http://supplytic.ca/chuu/wpia/posha/sf_rand_string_mixed(24)/terence.tinnelly@innocapglobal.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.130.137
                                                                                                                                                                                                                                                                                      https://workrubinnovations.com/wp-includes/kih/login.html?General=hLskkvfnVcqEPbdrK7sunT26PsAphHOxpizUKt2RC0aCijWkm4KdKAm8rk2qEAtO77hTNQ1F3KTfWtNkeEuTUzu5miygK9V9H06Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 151.101.194.137
                                                                                                                                                                                                                                                                                      https://docs.google.com/presentation/d/e/2PACX-1vRbuxCSjoSTqnuwwycGfoopwUno5J5X0s9YIzYdS1Me8P6MAP3FFMvOzHT6E_SBRsWcXRtJqZiYhJR5/pub?start=false&loop=false&delayms=3000Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      • 151.101.2.137
                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                      • 185.199.109.133
                                                                                                                                                                                                                                                                                      ghostspider.7zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      • 151.101.65.91

                                                                                                                                                                                                                                                                                      JA3 Fingerprints

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      Dropped Files

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      Created / dropped Files

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):65552
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01267959957008888
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:JklGlll/l/lXp9ZjrPBY0Ll4lt/Qf1DP:q0dPBY0y4dz
                                                                                                                                                                                                                                                                                      MD5:F82406D91DAD32A842033CE56EA73522
                                                                                                                                                                                                                                                                                      SHA1:4864C2D6780FF0F8211C4A561EE90F76AE2840E0
                                                                                                                                                                                                                                                                                      SHA-256:CF1AE0AB6FEB70464C9305F3355383B901CCBF0810F335ED5EA2FEB822C46638
                                                                                                                                                                                                                                                                                      SHA-512:F340D5B65B840BF7C9699AEF837F2107F8204E2ADE706175C415576B049C00FFD97328B59C7F4EC3A51B27724A0C4AB1C0E3075B53A3C78B51B224947B13FEC3
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:moderate, very likely benign file
                                                                                                                                                                                                                                                                                      Preview:".7a........................................f...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.5
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:R:R
                                                                                                                                                                                                                                                                                      MD5:F49655F856ACB8884CC0ACE29216F511
                                                                                                                                                                                                                                                                                      SHA1:CB0F1F87EC0455EC349AAA950C600475AC7B7B6B
                                                                                                                                                                                                                                                                                      SHA-256:7852FCE59C67DDF1D6B8B997EAA1ADFAC004A9F3A91C37295DE9223674011FBA
                                                                                                                                                                                                                                                                                      SHA-512:599E93D25B174524495ED29653052B3590133096404873318F05FD68F4C9A5C9A3B30574551141FBB73D7329D6BE342699A17F3AE84554BAB784776DFDA2D5F8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:EERF

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:Matlab v4 mat-file (little endian) (, numeric, rows 0, columns 16, imaginary
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.03435668575671323
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:G9q0SbdlrYoWcV0Ndlg1IGiFTS2tGAYkAtD2Hrn:bpbdpYrNg1IlFoAzc2L
                                                                                                                                                                                                                                                                                      MD5:16D388D094ECDC534C83C4403965A9F4
                                                                                                                                                                                                                                                                                      SHA1:F18AC7E0A3D71E92B794DCE0A3832A119A45A4B7
                                                                                                                                                                                                                                                                                      SHA-256:A982B3BE404EBC13123D18E30EF704FA7860379DFD77FE6C0427A43931D6FBC6
                                                                                                                                                                                                                                                                                      SHA-512:D4502577A673595A8F3E63BA0F083090ECEF5AFF0EDC09FF5E84C8855ADE46955A1C62C216A7D3D790D7B1E21815365332ACCAB5CE8304A309A7D9534EB53333
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:....................(....x:no.&A.e.u~+..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.W.e.b.V.i.e.w.\.A.p.p.l.i.c.a.t.i.o.n.\.1.1.7...0...2.0.4.5...4.7.\.m.s.e.d.g.e.w.e.b.v.i.e.w.2...e.x.e...........................(...p.DJ!.IL.....Zm.F............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2278
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.845245013234902
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:uiTrlKxrgxDJxl9Il8uY90NEblNQo6frFB0fs8kd1rc:mQYK90NEbwomr0k8j
                                                                                                                                                                                                                                                                                      MD5:2ED194494E044FAC4CC8D0975C000EBB
                                                                                                                                                                                                                                                                                      SHA1:DAB29127D8613A48A9918B768664CCFA84BC5667
                                                                                                                                                                                                                                                                                      SHA-256:8F7033FF3639C74407546F0CBF0F7BA0AE38A03707F19EED86BE33FA8DFD2BF3
                                                                                                                                                                                                                                                                                      SHA-512:6B0E90309505019E481C7114552FDCF714E1E7C3F2B173253AB12CBE16B5126F65AB02F61243974D03A8237C011032DFE33C6B975C34D72AFAD8BD08A746FBA4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.C.G.s.d.t.d.S.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.P.o.n.u.H.a.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2684
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.9026354028165047
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:uiTrlKx68Wa7x+6yxl9Il8uiTE0yGpIz3WYqUGC03wqmm4z+gi7nlvCxr0NyNd/U:a89YQI01pel90T6Bi7nFCWNV
                                                                                                                                                                                                                                                                                      MD5:21429BBC4905D62DFE78CE65D585AEF8
                                                                                                                                                                                                                                                                                      SHA1:2FFA944259B6C621EA0694A2BFE14A4CB4493343
                                                                                                                                                                                                                                                                                      SHA-256:59DB80CD5BDAB9E83B86E59A54D622EE4F2014AFBE0B2375EB2714CF374B25D7
                                                                                                                                                                                                                                                                                      SHA-512:10C0F6BBC206C8B8FC97E7B6A8C8DCBEE68ACFBB06255B50AB104214AC4BC7DA7CA71CC8EB9317D734C25ABC04045E514F84F4B1C4EADA887E89D399913D13DA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.E.d.l.j.a.B.x.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.P.o.n.u.H.a.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\51090fd7-de28-450d-b18f-d3538746d428.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:PNG image data, 1132 x 579, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                      Size (bytes):307118
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.99229798808749
                                                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                                                      SSDEEP:6144:o4aa+jyWWRxAC+EXv1Ibo88VcgHZO8XDYP4uhNQbNmsp7C7M//sALsKByouKA7W:VaaEIAC+EYo8ihpzG4QmFWws08KAa
                                                                                                                                                                                                                                                                                      MD5:2396AEB9C4B048EA874F2EB42EBF9324
                                                                                                                                                                                                                                                                                      SHA1:F60137B6BD0CDB6BC1C259D2110C586730B1F46B
                                                                                                                                                                                                                                                                                      SHA-256:E58FC1495C84A4B3B108A70A538EF19D3C2A86F1E08E343CB19FA8A7C965DCE8
                                                                                                                                                                                                                                                                                      SHA-512:9163FDDCF2577BD51ED6D21E9DDCB501C002DC2CFC57BBD5FE51FC1E0796604DD1AEFC79DCDF3CA72A47654E4278078FBF3131575EB22617A36CA845BC5FA397
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.PNG........IHDR...l...C.....^......pHYs.................sRGB.........gAMA......a....aIDATx.......4.&T....|.=].iy7.P0"..Tn.......B......F..h..9...1..:,[.NN.,y.u...=.......~.....!...H.x..Uu.....lN5..x}f.l.6cp..>X..k..h.p.yF~l.+.FR>.r\.r3.q....szWd*m..W.g.m._'....[...g.].\C.....5.j....... ..\|n.V.-..F.......%..<K...C...U...,....U;....17...J?....<#f.c.c\...F.q.g..*...........fQ.%.8QF.4.A.Qo...k...F..Q6.X.......Gh.g....).......f.2E$U...]..q..g......h4..8.-.s...:C.|._..ym..jl.wY0A..d.X...J..........g.".....w..k4...j.Z....:{....H....Wt.fA..G..j3._YyF, nB.u.E.(.3..u..d..?66.....=....`...h..(.{.~j..h4.).D..]7X.......%...$.@.T...._`.,..*.S..).qv..!.M........h.kq69.$.._...8..2U"ag.Z.....WI......m.....{i._...=E..!G*~.B;{..PDWl.....2.yV..m_.-Q.F....`....d..0[...u..o.....Y..........T..Q..V'5..~.k.&k.......x...U..w.5N~.....KT3....^%].g......s....:......q......0Z}.......I.*\.fA...a.h4.....].|\D.s.+..u.^.........f.A.([.9U...*I.h4..x..p.j.M.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\4968c6d2-2348-4d9e-a8aa-f332f91c0f6e.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\5abaeeb1-a85c-4075-8e15-5cd294d9f2f7.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2052
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.47634067488883
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YDEFMsFiHC0af5Sskr5n7HB+sdrxIB0ZH7RRTIBG/d2a:PNkC1f5ANDBBKSZ1RTII4a
                                                                                                                                                                                                                                                                                      MD5:A9B86C3A99768589BF180B078731500B
                                                                                                                                                                                                                                                                                      SHA1:81CF8F1F294159245482562D5C7F028B46E04D2C
                                                                                                                                                                                                                                                                                      SHA-256:A3652FC440A157D1610785F8330D8FE5DA6E9FD209DAD14733EE6E148B0AF6A5
                                                                                                                                                                                                                                                                                      SHA-512:5FEBE1A28AF089A13A02C9FD002FDEF05F06A11D763D209B5CBE8A29D28714567FDCEA7B708C22296087889FC1F1BD48642F22E67FAFC09185D0F6B5615DAE47
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"policy":{"last_statistics_update":"13379166307548831"},"profile":{"info_cache":{},"profile_counts_reported":"13379166307555928","profiles_order":[]},

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\6bc0dc3c-2e01-4220-9b9d-f76c1708c2b5.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3512
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.285187249643344
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:PNkGSCMRDf5A/8rh/cIyURoDoto+8fBk0SZ1RTIX4u:PNBSJRdLVoDUUkVty
                                                                                                                                                                                                                                                                                      MD5:5E9DD74BCE401758F8659A6AE06503C4
                                                                                                                                                                                                                                                                                      SHA1:FE376E18A476769CA66DD95C8E23798C8F24747D
                                                                                                                                                                                                                                                                                      SHA-256:4FC7B5F55E22FA2181AAEBF40897C9BEEF89DEA387D33171663006AE4BC562C3
                                                                                                                                                                                                                                                                                      SHA-512:E94C1739EECBAB26518D7342727238FE3236AE0D92C5A9E8826A8CCEE05F963F9727CE91C72A42A52DAB508D82960622A6400CF00759EFA73676E5477ADB0793
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"is_dsp_recommended":true,"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.734692709438925e+12,"network":1.73469271e+12,"ticks":5394404062.0,"uncertainty":3669017.0}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbH

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\897cf057-33d0-4589-baff-53a1902cdf20.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):17618
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.063382605117367
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:dtMkaMJH2m8qVT8IeQ0I5t0b9MEFqNl89VeipVDM8:XMkbJrT8IeQc5FMipVDj
                                                                                                                                                                                                                                                                                      MD5:0A7A2FE8B07F51EF13A5252CC5694677
                                                                                                                                                                                                                                                                                      SHA1:055A66AE89E33810459D557DBC58E3F94A0795EA
                                                                                                                                                                                                                                                                                      SHA-256:8B2458233406D5A29C8AFDFEFC4CF14B7653687F38A6E8352CE93449875C62AD
                                                                                                                                                                                                                                                                                      SHA-512:CE1FE22D5B69D5511757992A0771095E2ABBE0C6173C1FDBBCC5EAE7E2D8946A77DC6C1464BF0F3928B7679DCDCC680C2396916FB3B0FDDCC8D3D73EF34B6931
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9bg4RrXXMpaCsrtm158Ii7QF+b2Xe4pcP9WmmQQPfW3MPK3vutAkF92eZ7P7Xw59TAM/Xo+dJlBvYcfjI+KQYiMwDeq8wvchf+8fPfPPLcZ/KFm8bG4FljbVPigsVWQEqHL2vBay66hdg1F7Kydil8K9Pwl4LVThXUnCL448fFvVayoDCWsdbVqNMUlJkiPsBWAMpciK6VFzCA4g6Ya+AgMj+8/wkfpDfC4Y2ZPYK8UE

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1310720
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3::
                                                                                                                                                                                                                                                                                      MD5:1045BFD216AE1AE480DD0EF626F5FF39
                                                                                                                                                                                                                                                                                      SHA1:377E869BC123602E9B568816B76BE600ED03DBD0
                                                                                                                                                                                                                                                                                      SHA-256:439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
                                                                                                                                                                                                                                                                                      SHA-512:F9F8FCC23FC084AF69D7C9ABB0EF72C4684AC8DDF7FA6B2028E2F19FD67435F28534C0CF5B17453DFE352437C777D6F71CFE1D6AD3542AD9D636263400908FD2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1310720
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3::
                                                                                                                                                                                                                                                                                      MD5:1045BFD216AE1AE480DD0EF626F5FF39
                                                                                                                                                                                                                                                                                      SHA1:377E869BC123602E9B568816B76BE600ED03DBD0
                                                                                                                                                                                                                                                                                      SHA-256:439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
                                                                                                                                                                                                                                                                                      SHA-512:F9F8FCC23FC084AF69D7C9ABB0EF72C4684AC8DDF7FA6B2028E2F19FD67435F28534C0CF5B17453DFE352437C777D6F71CFE1D6AD3542AD9D636263400908FD2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\BrowserMetrics\BrowserMetrics-67654F63-9C8.pma

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1310720
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.504668287280816
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:pfNJJEZFm/kaYk3RAojilWHqzmhQ7RG+C+k+:B/JEEkaYk3RCcHqREb+
                                                                                                                                                                                                                                                                                      MD5:60B69940A2ACFF2E740D44C33AA6B168
                                                                                                                                                                                                                                                                                      SHA1:ADE7625FC02B3A03968653F328730B51C1A03F19
                                                                                                                                                                                                                                                                                      SHA-256:FDA080E4508E8C174BCF2EEB4909E7D4F776CCA33FC48BE80DAA39DD5CFB1F4D
                                                                                                                                                                                                                                                                                      SHA-512:01AF8625C2B175934AD60339474DCF23B02CD7EBA55E61C4B9D0C739F394B34337E88F6A20AEF03DD1C6F6BCF2C8E9C19E6BDFE91AC82B2239993F3B0E516ABF
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:...@............C.].....@..................H...............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....E.........117.0.2045.47-64".en-GB*...Windows NT..10.0.190452(..x86_64..?........".kwuaef20,1...x86_64J....?.^o..P......................>..*......nW:00000000000000000000000000000000000000000000!00000000000000000000000000000000000000000000!Ocean-T2I4I8O9.exe.&1900/01/01:00:00:00!Ocean-T2I4I8O9.exe".1.0.0.02...".*.:................,..(.......EarlyProcessSingleton.......Default3.(..$.......msEdgeEDropUI.......triggered....8..4... ...msDelayLoadAuthenticationManager....triggered....<..8...#...msSleepingTabsShorterTimeoutDefault.....triggered....8..4... ...msEdgeMouseGestureDefaultEnabled....triggered....8..4.......msEdgeShowHomeButtonByDefault.......triggered....<..8...$...msConsumerIEMode

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):280
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8802514265597519
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:FiWWltlDQ5UcNldNEjYb1gmlx/ll:o1DQ5F3dfCmlZl
                                                                                                                                                                                                                                                                                      MD5:E76C8296BD74B32FFCAC8DC2197D5EE7
                                                                                                                                                                                                                                                                                      SHA1:4364BCB0E91152B1383A57ED8796B34D8720F9B9
                                                                                                                                                                                                                                                                                      SHA-256:68A92A407B5DA059F5A966FB0A9A5E4CE53CDE92684C6367025944E3EE5CB874
                                                                                                                                                                                                                                                                                      SHA-512:572182354014F8F3AE30772A5302979C684573866015464998978B5B967191559E6D85712EF3EEC01A816042A22D0C4FA3A9DA628CE397D8DDAF62B41D604449
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:sdPC.........................A...gmEy`................................................................................................................................................................................................{F3017226-FE2A-4295-8BDF-00C3A9A7E4C.}C:........

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad\throttle_store.dat

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.6219280948873624
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:8g6Vvn:8g6Vv
                                                                                                                                                                                                                                                                                      MD5:9E4E94633B73F4A7680240A0FFD6CD2C
                                                                                                                                                                                                                                                                                      SHA1:E68E02453CE22736169A56FDB59043D33668368F
                                                                                                                                                                                                                                                                                      SHA-256:41C91A9C93D76295746A149DCE7EBB3B9EE2CB551D84365FFF108E59A61CC304
                                                                                                                                                                                                                                                                                      SHA-512:193011A756B2368956C71A9A3AE8BC9537D99F52218F124B2E64545EEB5227861D372639052B74D0DD956CB33CA72A9107E069F1EF332B9645044849D14AF337
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:level=none expiry=0.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\189f0a20-74b8-46e4-811c-fbfae4801fe3.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                      Size (bytes):5939
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.78437242144478
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs1mGPb9KiG8zq85eh6Cb7/x+6MhmuecmAem3Y02MR7K:stlqJxcsVGkq88bV+FiAFY0PhK
                                                                                                                                                                                                                                                                                      MD5:691D2386A6AEDB8A3604016AFD5A8C19
                                                                                                                                                                                                                                                                                      SHA1:100E13675808A52F4A25C800426982D1BD113A1F
                                                                                                                                                                                                                                                                                      SHA-256:4772E9C20FA3880CCA62B09A5B7E36B81791C12991064D4A5E0A5B21FDB682E4
                                                                                                                                                                                                                                                                                      SHA-512:D44C8C71B7F5F12C762C413AA4E9C5224868A6AE16DE4ADC2A1EA57A5E80351227C8F6EDD633201DA9F78F1251DE5A34E76A81BEEC1F4E774453A4719D56FB54
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\41fd4a94-8b7f-49d1-870a-7e463bfc064b.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5895
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.786759936648754
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zq85eh6Cb7/x+6MhmuecmAem3Y02MR7K:stlqJxcszGkq88bV+FiAFY0PhK
                                                                                                                                                                                                                                                                                      MD5:6AA97D9648F22C54B35DF6549FA7C7A0
                                                                                                                                                                                                                                                                                      SHA1:5E9257306A0E3DCB72508C43CD6C4B4B94794C62
                                                                                                                                                                                                                                                                                      SHA-256:55CF5166D1BC024F298795052818BE8679759D3ACFEF46AF7410A20219D00118
                                                                                                                                                                                                                                                                                      SHA-512:99A2089E345E668202E80607EED4CBC61499AAB51142F814933943AC512F487F4C557B903FADB88C610F3FC5754D3F80D0C6890001DAFEE2660E842944A731C5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\AssistanceHome\AssistanceHomeSQLite

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):12288
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.3202460253800455
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:l9bNFlEuWk8TRH9MRumWEyE4gLueXdNOmWxFxCxmWxYgCxmW5y/mWz4ynLAtD/W4:TLiuWkMORuHEyESeXdwDQ3SOAtD/ie
                                                                                                                                                                                                                                                                                      MD5:40B18EC43DB334E7B3F6295C7626F28D
                                                                                                                                                                                                                                                                                      SHA1:0E46584B0E0A9703C6B2EC1D246F41E63AF2296F
                                                                                                                                                                                                                                                                                      SHA-256:85E961767239E90A361FB6AA0A3FD9DAA57CAAF9E30599BB70124F1954B751C8
                                                                                                                                                                                                                                                                                      SHA-512:8BDACDC4A9559E4273AD01407D5D411035EECD927385A51172F401558444AD29B5AD2DC5562D1101244665EBE86BBDDE072E75ECA050B051482005EB6A52CDBD
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Cache\Cache_Data\data_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                      MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                      SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                      SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                      SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Cache\Cache_Data\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                      MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                      SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                      SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                      SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Cache\Cache_Data\data_2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                      MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                      SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                      SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                      SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Cache\Cache_Data\data_3

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                      MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                      SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                      SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                      SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Cache\Cache_Data\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):524656
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.027445846313988E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:LsulF:Ls
                                                                                                                                                                                                                                                                                      MD5:B2B2D0DD306DC303DD217A2D3192889C
                                                                                                                                                                                                                                                                                      SHA1:B4A238214E8483A65BFDCF0BFDBBC087DACFC23F
                                                                                                                                                                                                                                                                                      SHA-256:F1591EE3DD756422AF230E5C99665694C835DB19EA6A0E34FAC269C49273046F
                                                                                                                                                                                                                                                                                      SHA-512:CDBD8826F7BAD6B7C946650362F3A288DBC26D0639FE77B100AED5541BF64C37E03B1E1E4111B69E549246D5670A644BF11AC414A19315A4742581472DA60233
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:........................................~.V.G./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\js\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):24
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                      MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                      SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                      SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                      SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:0\r..m..................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\js\index-dir\temp-index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):48
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:XwoSyEdPho:goKdJo
                                                                                                                                                                                                                                                                                      MD5:8059B05760F82CA558563359F670FF8E
                                                                                                                                                                                                                                                                                      SHA1:A0184AC127A5BBAF5FA360B2D34B360A0CFE6B31
                                                                                                                                                                                                                                                                                      SHA-256:2BBA428DC932D9DD949E89A58826FA2EA9C6C927EB3C8DAC6AE4B473087B8C37
                                                                                                                                                                                                                                                                                      SHA-512:9A75E8CAFD79A91F5684B0FB419480EAAE133E1B6E349C94A614C3051F263170959757B151902BBD645A0D38962A4539FEEFC0A917C21D0D7091CEFAA108CEDA
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:(.......oy retne........................A)+.G./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):48
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:XwoSyEdPho:goKdJo
                                                                                                                                                                                                                                                                                      MD5:8059B05760F82CA558563359F670FF8E
                                                                                                                                                                                                                                                                                      SHA1:A0184AC127A5BBAF5FA360B2D34B360A0CFE6B31
                                                                                                                                                                                                                                                                                      SHA-256:2BBA428DC932D9DD949E89A58826FA2EA9C6C927EB3C8DAC6AE4B473087B8C37
                                                                                                                                                                                                                                                                                      SHA-512:9A75E8CAFD79A91F5684B0FB419480EAAE133E1B6E349C94A614C3051F263170959757B151902BBD645A0D38962A4539FEEFC0A917C21D0D7091CEFAA108CEDA
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:(.......oy retne........................A)+.G./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\wasm\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):24
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                      MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                      SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                      SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                      SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:0\r..m..................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\wasm\index-dir\temp-index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):48
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:XwoSyEdPho:goKdJo
                                                                                                                                                                                                                                                                                      MD5:8059B05760F82CA558563359F670FF8E
                                                                                                                                                                                                                                                                                      SHA1:A0184AC127A5BBAF5FA360B2D34B360A0CFE6B31
                                                                                                                                                                                                                                                                                      SHA-256:2BBA428DC932D9DD949E89A58826FA2EA9C6C927EB3C8DAC6AE4B473087B8C37
                                                                                                                                                                                                                                                                                      SHA-512:9A75E8CAFD79A91F5684B0FB419480EAAE133E1B6E349C94A614C3051F263170959757B151902BBD645A0D38962A4539FEEFC0A917C21D0D7091CEFAA108CEDA
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:(.......oy retne........................A)+.G./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):48
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:XwoSyEdPho:goKdJo
                                                                                                                                                                                                                                                                                      MD5:8059B05760F82CA558563359F670FF8E
                                                                                                                                                                                                                                                                                      SHA1:A0184AC127A5BBAF5FA360B2D34B360A0CFE6B31
                                                                                                                                                                                                                                                                                      SHA-256:2BBA428DC932D9DD949E89A58826FA2EA9C6C927EB3C8DAC6AE4B473087B8C37
                                                                                                                                                                                                                                                                                      SHA-512:9A75E8CAFD79A91F5684B0FB419480EAAE133E1B6E349C94A614C3051F263170959757B151902BBD645A0D38962A4539FEEFC0A917C21D0D7091CEFAA108CEDA
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:(.......oy retne........................A)+.G./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\DIPS

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):28672
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.43508159006069336
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBI:TouQq3qh7z3bY2LNW9WMcUvB
                                                                                                                                                                                                                                                                                      MD5:F5237AED0F897E7619A94843845A3EC3
                                                                                                                                                                                                                                                                                      SHA1:A0C752C9C28A753CFB051AACE2ADA78A6D1288C3
                                                                                                                                                                                                                                                                                      SHA-256:D4463972AD7B1582F05C8E17074CE863D45CA625C2C672DB0D37F3AF4C7ACE42
                                                                                                                                                                                                                                                                                      SHA-512:D3C9718794E455D415D8EDF23B576E0A70356B8D71B8DD374D25B8065FEF608E114E13395B4B54462739882A141F4DBE00E3A370D6E4160504428A849CC893A3
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\DawnCache\data_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                      MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                      SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                      SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                      SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\DawnCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                      MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                      SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                      SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                      SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\DawnCache\data_2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                      MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                      SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                      SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                      SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\DawnCache\data_3

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                      MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                      SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                      SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                      SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\DawnCache\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):262512
                                                                                                                                                                                                                                                                                      Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:LsNlml:Ls3ml
                                                                                                                                                                                                                                                                                      MD5:65413B912AEAB036F1530F5A944A3F50
                                                                                                                                                                                                                                                                                      SHA1:C6F9983D9D9FCD67EEAD8C17D694750466692994
                                                                                                                                                                                                                                                                                      SHA-256:AF3A25580B655F11067644662F0491B634A058E017D2D6139428AD6E702B6124
                                                                                                                                                                                                                                                                                      SHA-512:682FDB857E6911A127A4A96B752F1EEAAB3681EF1E436B7F3A98D4535897368F3A99847492C1E5189467A1AC77DBCEB1F5B071AD0145C228B593C448AE2270C2
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:..........................................1.G./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\EdgeEDrop\EdgeEDropSQLite.db

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8, version-valid-for 14
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.494709561094235
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLEC30OIcqIn2o0FUFlA2cs0US5S693Xlej2:ThLaJUnAg0UB6I
                                                                                                                                                                                                                                                                                      MD5:CF7760533536E2AF66EA68BC3561B74D
                                                                                                                                                                                                                                                                                      SHA1:E991DE2EA8F42AE7E0A96A3B3B8AF87A689C8CCD
                                                                                                                                                                                                                                                                                      SHA-256:E1F183FAE5652BA52F5363A7E28BF62B53E7781314C9AB76B5708AF9918BE066
                                                                                                                                                                                                                                                                                      SHA-512:38B15FE7503F6DFF9D39BC74AA0150A7FF038029F973BE9A37456CDE6807BCBDEAB06E624331C8DFDABE95A5973B0EE26A391DB2587E614A37ADD50046470162
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j...i............t...c................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):38
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:FQxlXNQxlX:qTCT
                                                                                                                                                                                                                                                                                      MD5:51A2CBB807F5085530DEC18E45CB8569
                                                                                                                                                                                                                                                                                      SHA1:7AD88CD3DE5844C7FC269C4500228A630016AB5B
                                                                                                                                                                                                                                                                                      SHA-256:1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
                                                                                                                                                                                                                                                                                      SHA-512:B643A8FA75EDA90C89AB98F79D4D022BB81F1F62F50ED4E5440F487F22D1163671EC3AE73C4742C11830214173FF2935C785018318F4A4CAD413AE4EEEF985DF
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:.f.5................f.5...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):291
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.303290637764301
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0dQEq1wknaZ5Sw75paVdg2KLl1Tf0KSIq2PwknaZ5Sw75paPrqIFUv:uQE1rHSw75HL7vYrHSw75o3FUv
                                                                                                                                                                                                                                                                                      MD5:A217573E38D25D97CB2F0F89FB4F45A0
                                                                                                                                                                                                                                                                                      SHA1:AB4993C2696BFDE7D6E9A42B6252687B5E88F3D1
                                                                                                                                                                                                                                                                                      SHA-256:08C0E2884092309C5FFDAC756C2EBD5C96A5CE6135B2A6B31F676ED100445CBA
                                                                                                                                                                                                                                                                                      SHA-512:9F11A3CE3CED941D3D189B8B01A432E36117CDCFE9095419244E2584799B90F760121596833C0DFF9F48EEE919014C8672F3AB5383FBD56536084CCE6DA68D61
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:07.645 7d0 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules since it was missing..2024/12/20-06:05:07.682 7d0 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Rules\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):38
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:FQxlXNQxlX:qTCT
                                                                                                                                                                                                                                                                                      MD5:51A2CBB807F5085530DEC18E45CB8569
                                                                                                                                                                                                                                                                                      SHA1:7AD88CD3DE5844C7FC269C4500228A630016AB5B
                                                                                                                                                                                                                                                                                      SHA-256:1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
                                                                                                                                                                                                                                                                                      SHA-512:B643A8FA75EDA90C89AB98F79D4D022BB81F1F62F50ED4E5440F487F22D1163671EC3AE73C4742C11830214173FF2935C785018318F4A4CAD413AE4EEEF985DF
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:.f.5................f.5...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):295
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.30344349077188
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0uaEq1wknaZ5Sw75p6FB2KLl1Tf0XAq2PwknaZ5Sw75p65IFUv:uE1rHSw75QFFL7vYrHSw75QWFUv
                                                                                                                                                                                                                                                                                      MD5:676A8F954C8D20924FE69C830E803ED0
                                                                                                                                                                                                                                                                                      SHA1:879972FC4596E0B2C40C6388B7FA6BE8D87816CE
                                                                                                                                                                                                                                                                                      SHA-256:42968E8D5B78DCF4744550FCFFF7B3123F22896F7C0C833F461E09609C16E9EE
                                                                                                                                                                                                                                                                                      SHA-512:1A3CAA669B5A3DD2C986FA502E4135EB0E8E67E4F02A3AC64BA95499350BE32B6B21A64683FE8E3D21557300F5B3764B67304370B735F1AC835996E6DA286E0C
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:07.710 7d0 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts since it was missing..2024/12/20-06:05:07.848 7d0 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension Scripts\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):114
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:FQxlXNQxlXNQxlXNQxlXNQxlXNQxlX:qTCTCTCTCTCT
                                                                                                                                                                                                                                                                                      MD5:891A884B9FA2BFF4519F5F56D2A25D62
                                                                                                                                                                                                                                                                                      SHA1:B54A3C12EE78510CB269FB1D863047DD8F571DEA
                                                                                                                                                                                                                                                                                      SHA-256:E2610960C3757D1757F206C7B84378EFA22D86DCF161A98096A5F0E56E1A367E
                                                                                                                                                                                                                                                                                      SHA-512:CD50C3EE4DFB9C4EC051B20DD1E148A5015457EE0C1A29FFF482E62291B32097B07A069DB62951B32F209FD118FD77A46B8E8CC92DA3EAAE6110735D126A90EE
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):291
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.284094605593721
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0QLEq1wknaZ5Sw75pYg2KLl1Tf0nq2PwknaZ5Sw75pNIFUv:LE1rHSw75NLYvYrHSw75wFUv
                                                                                                                                                                                                                                                                                      MD5:D5D14BE6C929DC47EB208E2B4CF26FDF
                                                                                                                                                                                                                                                                                      SHA1:C66962BB6CFCE39C9D45DE13F6A16B81256E2B4F
                                                                                                                                                                                                                                                                                      SHA-256:1633270FD8A497FCCD56252B4111DB16CC8E01C5B9B89AFB4C33D657E752F5C8
                                                                                                                                                                                                                                                                                      SHA-512:8E7FC9444794A3A5C4042003D8809C6EF05047D1524489403777FB0DA9A2F470412C0BAC38885307336A724E88A5F24FA10080B46E5D13E6ECF1DAB979611C4A
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:07.926 7d0 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State since it was missing..2024/12/20-06:05:07.964 7d0 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Extension State\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\ExtensionActivityComp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4096
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.3169096321222068
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:lSWbNFl/sl+ltl4ltllOl83/XWEEabIDWzdWuAzTgdWj3FtFIU:l9bNFlEs1ok8fDEPDadUTgd81Z
                                                                                                                                                                                                                                                                                      MD5:2554AD7847B0D04963FDAE908DB81074
                                                                                                                                                                                                                                                                                      SHA1:F84ABD8D05D7B0DFB693485614ECF5204989B74A
                                                                                                                                                                                                                                                                                      SHA-256:F6EF01E679B9096A7D8A0BD8151422543B51E65142119A9F3271F25F966E6C42
                                                                                                                                                                                                                                                                                      SHA-512:13009172518387D77A67BBF86719527077BE9534D90CB06E7F34E1CCE7C40B49A185D892EE859A8BAFB69D5EBB6D667831A0FAFBA28AC1F44570C8B68F8C90A4
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\ExtensionActivityEdge

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.40981274649195937
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TL1WK3iOvwxwwweePKmJIOAdQBVA/kjo/TJZwJ9OV3WOT/5eQQ:Tmm+/9ZW943WOT/
                                                                                                                                                                                                                                                                                      MD5:1A7F642FD4F71A656BE75B26B2D9ED79
                                                                                                                                                                                                                                                                                      SHA1:51BBF587FB0CCC2D726DDB95C96757CC2854CFAD
                                                                                                                                                                                                                                                                                      SHA-256:B96B6DDC10C29496069E16089DB0AB6911D7C13B82791868D583897C6D317977
                                                                                                                                                                                                                                                                                      SHA-512:FD14EADCF5F7AB271BE6D8EF682977D1A0B5199A142E4AB353614F2F96AE9B49A6F35A19CC237489F297141994A4A16B580F88FAC44486FCB22C05B2F1C3F7D1
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j............M.....8...b..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Favicons

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie 0x8, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.6975083372685086
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:LLiZxh0GY/l1rWR1PmCx9fZjsBX+T6UwcE85fBmI:EBmw6fU1zBmI
                                                                                                                                                                                                                                                                                      MD5:F5BBD8449A9C3AB28AC2DE45E9059B01
                                                                                                                                                                                                                                                                                      SHA1:C569D730853C33234AF2402E69C19E0C057EC165
                                                                                                                                                                                                                                                                                      SHA-256:825FF36C4431084C76F3D22CE0C75FA321EA680D1F8548706B43E60FCF5B566E
                                                                                                                                                                                                                                                                                      SHA-512:96ACDED5A51236630A64FAE91B8FA9FAB43E22E0C1BCB80C2DD8D4829E03FBFA75AA6438053599A42EC4BBCF805BF0B1E6DFF9069B2BA182AD0BB30F2542FD3F
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\GPUCache\data_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                      MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                      SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                      SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                      SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\GPUCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                      MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                      SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                      SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                      SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\GPUCache\data_2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                      MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                      SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                      SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                      SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\GPUCache\data_3

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                      MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                      SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                      SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                      SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\GPUCache\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):262512
                                                                                                                                                                                                                                                                                      Entropy (8bit):9.47693366977411E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:LsNlHitK:Ls3
                                                                                                                                                                                                                                                                                      MD5:A222C3C907399DAAB9836EB172F370C8
                                                                                                                                                                                                                                                                                      SHA1:ED95E071CC33D0919E5E3CF9A7408D9E67901A0C
                                                                                                                                                                                                                                                                                      SHA-256:0E6A2E05BC26FE3A668A3E7D9F110ED53298E43DD6F7CAF5704DDEA2C6B56C71
                                                                                                                                                                                                                                                                                      SHA-512:29C2CF47561A10E827A170DEEF5E417163BB0903AAF2EEF7CC1AB5C30075EC10709503ECECE75BA42CE30C96CFF74B9203363D7EB4B39E12DCBAF2CB39F6D7AF
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:........................................X./.G./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\History

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):155648
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                                                                      MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                                                                      SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                                                                      SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                                                                      SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\History-journal

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8720
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.21848828281205318
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MZtFlljq7A/mhWJFuQ3yy7IOWU0ludweytllrE9SFcTp4AGbNCV9RUILn:/75fO7d0Xi99pEYhn
                                                                                                                                                                                                                                                                                      MD5:6B389EEA741A560D51EECE9BD5D09507
                                                                                                                                                                                                                                                                                      SHA1:76695B6DA646A569E13E06EC0C122A169D35FE23
                                                                                                                                                                                                                                                                                      SHA-256:46624CDCA8884C65D6938ABC63E6EB38DE03E5974AD4F7761D7F94040F05F367
                                                                                                                                                                                                                                                                                      SHA-512:B56D60ED0949B536154BF6D34C456322ECF50C6387251A4DF61ACBDB4D5F4735829DDD31B5E6829D1DC46B25AE92708AB928197C642BF31BA2491943DEE980F1
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:..............BB...&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Local Storage\leveldb\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Local Storage\leveldb\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                      Size (bytes):305
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.348473857137276
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0MRM1wknaZ5Sw751a2jM8B2KLl1Tf04Qfr4q2PwknaZ5Sw751a2jMGIFUv:LRrrHSw751jFLFwr4vYrHSw751EFUv
                                                                                                                                                                                                                                                                                      MD5:641A3544564C1B6D9FA5576BE953B8A0
                                                                                                                                                                                                                                                                                      SHA1:98E3081AF8407D9885146A70BED934629ED1F747
                                                                                                                                                                                                                                                                                      SHA-256:327AEDAFBC1DC772CB0B17AC45750EBEC6919CC984AB3484795CB0C70939CDC1
                                                                                                                                                                                                                                                                                      SHA-512:AB0253C1D2DC06AF240CCF4ADD5A817CF14EB2DD6AD660105CC1ED7A200407B7B07F8794A3B58248BCE33584CD2E75F5BA05E89BF0043D165DBE45875D4F5624
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:08.420 1cb4 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Local Storage\leveldb since it was missing..2024/12/20-06:05:08.475 1cb4 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Local Storage\leveldb/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Login Data

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 21, cookie 0xc, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):43008
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.9009435143901008
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:C2BeymwLCn8MouB6wzFlXqiEqUvJKLuyn:C2TLG7IwRFqidn
                                                                                                                                                                                                                                                                                      MD5:FB3D677576C25FF04A308A1F627410B7
                                                                                                                                                                                                                                                                                      SHA1:97D530911F9CB0C37717ABB145D748982ADA0440
                                                                                                                                                                                                                                                                                      SHA-256:A79300470D18AF26E3C5B4F23F81915B92D490105CE84A8122BF8100EC0C7517
                                                                                                                                                                                                                                                                                      SHA-512:ED6666B064958B107E55BD76E52D2E5BF7A4791379902D208EF909A6B68803240D372CE03641249EB917C241B36A5684656A48D099A8A084AD34BA009857B098
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network Action Predictor

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):45056
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.40293591932113104
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLVgTjDk5Yk8k+/kCkzD3zzbLGfIzLihje90xq/WMFFfeFzfXVVlYWOT/CUFSe:Tmo9n+8dv/qALihje9kqL42WOT/9F
                                                                                                                                                                                                                                                                                      MD5:ADC0CFB8A1A20DE2C4AB738B413CBEA4
                                                                                                                                                                                                                                                                                      SHA1:238EF489E5FDC6EBB36F09D415FB353350E7097B
                                                                                                                                                                                                                                                                                      SHA-256:7C071E36A64FB1881258712C9880F155D9CBAC693BADCC391A1CB110C257CC37
                                                                                                                                                                                                                                                                                      SHA-512:38C8B7293B8F7BEF03299BAFB981EEEE309945B1BDE26ACDAD6FDD63247C21CA04D493A1DDAFC3B9A1904EFED998E9C7C0C8E98506FD4AC0AB252DFF34566B66
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.......=......\.t.+.>...,...=........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\0e669e6e-5693-474c-bdd6-ca99c7c1d4ab.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\16b2e1c7-306f-4ba0-a79b-a466a62cce36.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):59
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.619434150836742
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YLbkVKJq0nMb1KKqk1Yn:YHkVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                                      MD5:78BFCECB05ED1904EDCE3B60CB5C7E62
                                                                                                                                                                                                                                                                                      SHA1:BF77A7461DE9D41D12AA88FBA056BA758793D9CE
                                                                                                                                                                                                                                                                                      SHA-256:C257F929CFF0E4380BF08D9F36F310753F7B1CCB5CB2AB811B52760DD8CB9572
                                                                                                                                                                                                                                                                                      SHA-512:2420DFF6EB853F5E1856CDAB99561A896EA0743FCFF3E04B37CB87EDDF063770608A30C6FFB0319E5D353B0132C5F8135B7082488E425666B2C22B753A6A4D73
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\46b1ac15-7f98-4c3b-9d44-9180f3e04f30.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):170
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.902189221807403
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YLb9N+eAXRfHDHERW6JfYoR6oJbRHeHBYMKWKWMS7PMVKJq0nMb1KKqk1Yn:YHpo03h6ubIa4MS7PMVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                                      MD5:81454900C372D1E7D245CC9271ED7820
                                                                                                                                                                                                                                                                                      SHA1:9FDB7D94DA03CDDA82F9BCF16E9A56D7A43E6E80
                                                                                                                                                                                                                                                                                      SHA-256:5CB0EAFD710385162181F722ABAA4FC69361001C8BA9E8067CCA8F245446AF27
                                                                                                                                                                                                                                                                                      SHA-512:7133AFE86FFD1ECCBC26A643DB881B2E69ECB15CFC664ED644B5051C94A934A621C482FCC9A7C99595EDC3778FC09FEA47B79877ADC6F37F93ACE3DCA07E4A06
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\Cookies

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                                                                      MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                                                                      SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                                                                      SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                                                                      SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):59
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.619434150836742
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YLbkVKJq0nMb1KKqk1Yn:YHkVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                                      MD5:78BFCECB05ED1904EDCE3B60CB5C7E62
                                                                                                                                                                                                                                                                                      SHA1:BF77A7461DE9D41D12AA88FBA056BA758793D9CE
                                                                                                                                                                                                                                                                                      SHA-256:C257F929CFF0E4380BF08D9F36F310753F7B1CCB5CB2AB811B52760DD8CB9572
                                                                                                                                                                                                                                                                                      SHA-512:2420DFF6EB853F5E1856CDAB99561A896EA0743FCFF3E04B37CB87EDDF063770608A30C6FFB0319E5D353B0132C5F8135B7082488E425666B2C22B753A6A4D73
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\Network Persistent State~RF5372cb.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):59
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.619434150836742
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YLbkVKJq0nMb1KKqk1Yn:YHkVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                                      MD5:78BFCECB05ED1904EDCE3B60CB5C7E62
                                                                                                                                                                                                                                                                                      SHA1:BF77A7461DE9D41D12AA88FBA056BA758793D9CE
                                                                                                                                                                                                                                                                                      SHA-256:C257F929CFF0E4380BF08D9F36F310753F7B1CCB5CB2AB811B52760DD8CB9572
                                                                                                                                                                                                                                                                                      SHA-512:2420DFF6EB853F5E1856CDAB99561A896EA0743FCFF3E04B37CB87EDDF063770608A30C6FFB0319E5D353B0132C5F8135B7082488E425666B2C22B753A6A4D73
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):36864
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.5559635235158827
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:T6IopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB:OIEumQv8m1ccnvS6
                                                                                                                                                                                                                                                                                      MD5:9AAAE8C040B616D1378F3E0E17689A29
                                                                                                                                                                                                                                                                                      SHA1:F91E7DE07F1DA14D15D067E1F50C3B84A328DBB7
                                                                                                                                                                                                                                                                                      SHA-256:5B94D63C31AE795661F69B9D10E8BFD115584CD6FEF5FBB7AA483FDC6A66945B
                                                                                                                                                                                                                                                                                      SHA-512:436202AB8B6BB0318A30946108E6722DFF781F462EE05980C14F57F347EDDCF8119E236C3290B580CEF6902E1B59FB4F546D6BD69F62479805B39AB0F3308EC1
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\SCT Auditing Pending Reports~RF524b42.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\Trust Tokens

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):36864
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.36515621748816035
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                      MD5:25363ADC3C9D98BAD1A33D0792405CBF
                                                                                                                                                                                                                                                                                      SHA1:D06E343087D86EF1A06F7479D81B26C90A60B5C3
                                                                                                                                                                                                                                                                                      SHA-256:6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D
                                                                                                                                                                                                                                                                                      SHA-512:CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.......X..g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\e5ac0635-b190-4c79-8764-70e72f53c65d.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Network\ef764e1a-48cf-424a-81b5-7dfcb68c6665.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5560
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.779249319943278
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zEd81h6Cb7/x+6MhmuecmAem312MR7K:stlqJxcszGkq8vbV+FiAF1PhK
                                                                                                                                                                                                                                                                                      MD5:F691D00D8798B577DBB8279F0D840889
                                                                                                                                                                                                                                                                                      SHA1:12B7D6D906736617A42870899CB0FB5859DC5ED7
                                                                                                                                                                                                                                                                                      SHA-256:90AB79B728FC4EDB74AA958D2B2D9AECBA9D3B9DD64C061D1C993B26B6C5AEF3
                                                                                                                                                                                                                                                                                      SHA-512:B5AEED7A99B046C3776827A5A6D1434CE0B9230F345675646F65E11472BC94CE1568530A58E08BB4BDBD8E17EDF9691C767032B48662304C977698A801BE8106
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Preferences~RF52c3ce.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5560
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.779249319943278
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zEd81h6Cb7/x+6MhmuecmAem312MR7K:stlqJxcszGkq8vbV+FiAF1PhK
                                                                                                                                                                                                                                                                                      MD5:F691D00D8798B577DBB8279F0D840889
                                                                                                                                                                                                                                                                                      SHA1:12B7D6D906736617A42870899CB0FB5859DC5ED7
                                                                                                                                                                                                                                                                                      SHA-256:90AB79B728FC4EDB74AA958D2B2D9AECBA9D3B9DD64C061D1C993B26B6C5AEF3
                                                                                                                                                                                                                                                                                      SHA-512:B5AEED7A99B046C3776827A5A6D1434CE0B9230F345675646F65E11472BC94CE1568530A58E08BB4BDBD8E17EDF9691C767032B48662304C977698A801BE8106
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Preferences~RF535c16.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5560
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.779249319943278
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zEd81h6Cb7/x+6MhmuecmAem312MR7K:stlqJxcszGkq8vbV+FiAF1PhK
                                                                                                                                                                                                                                                                                      MD5:F691D00D8798B577DBB8279F0D840889
                                                                                                                                                                                                                                                                                      SHA1:12B7D6D906736617A42870899CB0FB5859DC5ED7
                                                                                                                                                                                                                                                                                      SHA-256:90AB79B728FC4EDB74AA958D2B2D9AECBA9D3B9DD64C061D1C993B26B6C5AEF3
                                                                                                                                                                                                                                                                                      SHA-512:B5AEED7A99B046C3776827A5A6D1434CE0B9230F345675646F65E11472BC94CE1568530A58E08BB4BDBD8E17EDF9691C767032B48662304C977698A801BE8106
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Preferences~RF54459b.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5560
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.779249319943278
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zEd81h6Cb7/x+6MhmuecmAem312MR7K:stlqJxcszGkq8vbV+FiAF1PhK
                                                                                                                                                                                                                                                                                      MD5:F691D00D8798B577DBB8279F0D840889
                                                                                                                                                                                                                                                                                      SHA1:12B7D6D906736617A42870899CB0FB5859DC5ED7
                                                                                                                                                                                                                                                                                      SHA-256:90AB79B728FC4EDB74AA958D2B2D9AECBA9D3B9DD64C061D1C993B26B6C5AEF3
                                                                                                                                                                                                                                                                                      SHA-512:B5AEED7A99B046C3776827A5A6D1434CE0B9230F345675646F65E11472BC94CE1568530A58E08BB4BDBD8E17EDF9691C767032B48662304C977698A801BE8106
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\PreferredApps

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):33
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.051821770808046
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YVXADAEvTLSJ:Y9AcEvHSJ
                                                                                                                                                                                                                                                                                      MD5:2B432FEF211C69C745ACA86DE4F8E4AB
                                                                                                                                                                                                                                                                                      SHA1:4B92DA8D4C0188CF2409500ADCD2200444A82FCC
                                                                                                                                                                                                                                                                                      SHA-256:42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
                                                                                                                                                                                                                                                                                      SHA-512:948502DE4DC89A7E9D2E1660451FCD0F44FD3816072924A44F145D821D0363233CC92A377DBA3A0A9F849E3C17B1893070025C369C8120083A622D025FE1EACF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:{"preferred_apps":[],"version":1}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\README

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):182
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.2629097520179995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:RGXKRjg0QwVIWRKXECSAV6jDyhjgHGAW+LB2Z4MKLFE1SwhiFAfXQmWyKBPMwRgK:z3frsUpAQQgHGwB26MK8Sw06fXQmWtRT
                                                                                                                                                                                                                                                                                      MD5:643E00B0186AA80523F8A6BED550A925
                                                                                                                                                                                                                                                                                      SHA1:EC4056125D6F1A8890FFE01BFFC973C2F6ABD115
                                                                                                                                                                                                                                                                                      SHA-256:A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87
                                                                                                                                                                                                                                                                                      SHA-512:D91A934EAF7D9D669B8AD4452234DE6B23D15237CB4D251F2C78C8339CEE7B4F9BA6B8597E35FE8C81B3D6F64AE707C68FF492903C0EDC3E4BAF2C6B747E247D
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:Microsoft Edge settings and storage represent user-selected preferences and information and MUST not be extracted, overwritten or modified except through Microsoft Edge defined APIs.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):6780
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.580578868683031
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:vgisPlf/ROoBpkF5d1Dis7VaTEv9V5h5pg5vezodIU8rFSpsA5IOrMn3YPo0MG6f:ZYrnA9l5hSpFIOAn3go0iugT
                                                                                                                                                                                                                                                                                      MD5:5B1A50D8DE4B41C71F0651700B974704
                                                                                                                                                                                                                                                                                      SHA1:D716B1C83B1C712C44AD9B85B58641E94380FC42
                                                                                                                                                                                                                                                                                      SHA-256:B1DA64A1E88EE48F5AF10B808A2EE6BF960A73905BCCC442D96EC796024ACD25
                                                                                                                                                                                                                                                                                      SHA-512:F4AC8075E415A7CB909F988841C032F899532E4DA1233C8AEF6C8CF4583A262204A04F91F60729468E354331F461095646352175ACD4C07A7BB943D78536BAA2
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"extensions":{"settings":{"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379166307621066","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379166307621066","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.officeapps.live.com.mcas.ms/*","https://*onenote.officeapps.live.com.mcas.ms/*","https://*word-edit.officeapps.live.com.mcas.ms/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.473726825238924
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:41tt0diERGn:et084G
                                                                                                                                                                                                                                                                                      MD5:148079685E25097536785F4536AF014B
                                                                                                                                                                                                                                                                                      SHA1:C5FF5B1B69487A9DD4D244D11BBAFA91708C1A41
                                                                                                                                                                                                                                                                                      SHA-256:F096BC366A931FBA656BDCD77B24AF15A5F29FC53281A727C79F82C608ECFAB8
                                                                                                                                                                                                                                                                                      SHA-512:C2556034EA51ABFBC172EB62FF11F5AC45C317F84F39D4B9E3DDBD0190DA6EF7FA03FE63631B97AB806430442974A07F8E81B5F7DC52D9F2FCDC669ADCA8D91F
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.On.!................database_metadata.1

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):321
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.256435859216308
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0sjs1wknaZ5Sw75UUh2gr52KLl1Tf0Jq2PwknaZ5Sw75UUh2ghZIFUv:pjLrHSw75rhHJLAvYrHSw75rhHh2FUv
                                                                                                                                                                                                                                                                                      MD5:296A9B23B181FDAF7C9B87F2EC6E6735
                                                                                                                                                                                                                                                                                      SHA1:7440409FE9137C68068B34849EB329CB128A0FF0
                                                                                                                                                                                                                                                                                      SHA-256:FCD9B710D54E33DCEDE007A68F5CFA46EDAD291E2395464A03D3E2AFE322340C
                                                                                                                                                                                                                                                                                      SHA-512:5FBD663AAA8EC082A5C75336D8EC398CE1AACD67885B8B0AB933FD591C7F8090FC6B82B67AC0991297FA86A573D9BBC702FDF214A115F018D546DE4FE07EF44E
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:07.731 16c0 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database since it was missing..2024/12/20-06:05:07.745 16c0 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Site Characteristics Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):46
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.019797536844534
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:sLollttz6sjlGXU2tkn:qolXtWswXU2tkn
                                                                                                                                                                                                                                                                                      MD5:90881C9C26F29FCA29815A08BA858544
                                                                                                                                                                                                                                                                                      SHA1:06FEE974987B91D82C2839A4BB12991FA99E1BDD
                                                                                                                                                                                                                                                                                      SHA-256:A2CA52E34B6138624AC2DD20349CDE28482143B837DB40A7F0FBDA023077C26A
                                                                                                                                                                                                                                                                                      SHA-512:15F7F8197B4FC46C4C5C2570FB1F6DD73CB125F9EE53DFA67F5A0D944543C5347BDAB5CCE95E91DD6C948C9023E23C7F9D76CFF990E623178C92F8D49150A625
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:...n'................_mts_schema_descriptor...

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):297
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.3310146822260895
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf06KD1wknaZ5Sw75gx2KLl1Tf06dIsMM+q2PwknaZ5Sw75WIFUv:drHSw75gVLnMM+vYrHSw75PFUv
                                                                                                                                                                                                                                                                                      MD5:13317B1181891F4E3CE4AC243B46A47A
                                                                                                                                                                                                                                                                                      SHA1:61966AB0C9B5693AF576514F15FAFBA112CD5A8D
                                                                                                                                                                                                                                                                                      SHA-256:59787040264EB9CCEDBFC0D6D611A58BF806696F60FBE56E4FB2F05FB5B83B1D
                                                                                                                                                                                                                                                                                      SHA-512:7FAF2C6ABDFA52A09DCDDAB1076A00C3F5336C37BED2FDA951738590314EB03DC1C8CD2987E7F14AF0D37D4FB2B8727A87B9DF6C7E80A635A91BA625362A8F8A
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:08.091 1b8c Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB since it was missing..2024/12/20-06:05:08.098 1b8c Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Top Sites

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.3528485475628876
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:TLiN6CZhDu6MvDOF5yEHFxOUwa5qguYZ75fOSiPe2d:TLiwCZwE8I6Uwcco5fBtC
                                                                                                                                                                                                                                                                                      MD5:F2B4FB2D384AA4E4D6F4AEB0BBA217DC
                                                                                                                                                                                                                                                                                      SHA1:2CD70CFB3CE72D9B079170C360C1F563B6BF150E
                                                                                                                                                                                                                                                                                      SHA-256:1ECC07CD1D383472DAD33D2A5766625009EA5EACBAEDE2417ADA1842654CBBC8
                                                                                                                                                                                                                                                                                      SHA-512:48D03991660FA1598B3E002F5BC5F0F05E9696BCB2289240FA8CCBB2C030CDD23245D4ECC0C64DA1E7C54B092C3E60AE0427358F63087018BF0E6CEDC471DD34
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g.....4....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Visited Links

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):131072
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.002110589502647469
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:ImtVHlQlZXl:IiVFa
                                                                                                                                                                                                                                                                                      MD5:A083A5C4283ED260DE34D454EB573EC2
                                                                                                                                                                                                                                                                                      SHA1:B985612B9993E5E814F284939A31D4C81F369229
                                                                                                                                                                                                                                                                                      SHA-256:BE99523CB85CC77871BE4BDE1316F151CC03FE727508ABAC715B3DB3B0C68F85
                                                                                                                                                                                                                                                                                      SHA-512:8C8A1A5D02D7A2D7B6D813B506B74C81552A0B6F0DF023B034B270456BA5CAB074A6DC7A2B9BE7CE83121EC1603AE5C960A8143B090E3C69EC912CC1251187CE
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:VLnk.....?......K......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Web Data

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 87, cookie 0x36, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):178176
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.9328712687751187
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:R2qAdB9TbTbuDDsnxCkvSAE+WslKOMq+c:R2qOB1nxCkvSAELyKOMq+c
                                                                                                                                                                                                                                                                                      MD5:6B2D5ED0A90C99FD05D58FE8E924C886
                                                                                                                                                                                                                                                                                      SHA1:34E1103E18E57E9D1769C89DFB2DAD84BFDD54B5
                                                                                                                                                                                                                                                                                      SHA-256:2873E973AB5B91CD07405FD5D35E2A843A408AD53696372BEC794F4582368E49
                                                                                                                                                                                                                                                                                      SHA-512:08373748A19C0381866090CB60929A4642BB624AF777240CB63B918180CEEE0C80DFAD852830FC6821AD6266DF1A865940A90D2089621F612617C5E92A4B29B2
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......W...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\Web Data-journal

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2568
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.06569804787746028
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:d/2Fl1lOtlV:4Fg
                                                                                                                                                                                                                                                                                      MD5:89898519515A0043B23844741C649CA0
                                                                                                                                                                                                                                                                                      SHA1:13757DD5A51D277E6EFF3097468F76010592A224
                                                                                                                                                                                                                                                                                      SHA-256:EB4B0B14D231E26787FC44D6D992B5D26C1AA5A778FE30CC0896A2377530E92C
                                                                                                                                                                                                                                                                                      SHA-512:BAC3162A46D7FEA8A684E03BC7D40CDFECE4E65E04BFC236BF44023678E8753C01A503EA3E706F4EE269A7738501D4966CC77B1B6CAF72EABCF6F9EAEA7AE73A
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:............Cv.\...W....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\a60e9343-6534-4697-b67e-63b7890952f7.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5794
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.781618760209297
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zq85eh6Cb7/x+6MhmuecmAem3S2MR7K:stlqJxcszGkq88bV+FiAFSPhK
                                                                                                                                                                                                                                                                                      MD5:5346238BF697888B40306674DA745840
                                                                                                                                                                                                                                                                                      SHA1:052023177D264F64DC124C71B76B06D0CD495F7C
                                                                                                                                                                                                                                                                                      SHA-256:DC2DDE6D4DD5704733BB298F2DAA40D42AB21BB70AEC7D4BC2C729FC85D76257
                                                                                                                                                                                                                                                                                      SHA-512:4BB480E96E466342AE58F6AA2DD791F2C3F0D0E5D7C24EA083459BB45FE83C01A624FA95C6AE1014D8A8FB2BE1270B05ABA744D852675778C3631D0D13E280A6
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\bccfc4cf-7204-4d65-a097-cc3a5af96d8c.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5560
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.779249319943278
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:stlS/J7tcs13Pb9KiG8zEd81h6Cb7/x+6MhmuecmAem312MR7K:stlqJxcszGkq8vbV+FiAF1PhK
                                                                                                                                                                                                                                                                                      MD5:F691D00D8798B577DBB8279F0D840889
                                                                                                                                                                                                                                                                                      SHA1:12B7D6D906736617A42870899CB0FB5859DC5ED7
                                                                                                                                                                                                                                                                                      SHA-256:90AB79B728FC4EDB74AA958D2B2D9AECBA9D3B9DD64C061D1C993B26B6C5AEF3
                                                                                                                                                                                                                                                                                      SHA-512:B5AEED7A99B046C3776827A5A6D1434CE0B9230F345675646F65E11472BC94CE1568530A58E08BB4BDBD8E17EDF9691C767032B48662304C977698A801BE8106
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379166307690134","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":374,"browser_content_container_width":661,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13379166308069835","domain_diversity":{"last_reporting_timestamp":"13379166307832187"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\f096d3b5-21c3-413f-b26b-a490e101b0e0.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):6780
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.580578868683031
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:vgisPlf/ROoBpkF5d1Dis7VaTEv9V5h5pg5vezodIU8rFSpsA5IOrMn3YPo0MG6f:ZYrnA9l5hSpFIOAn3go0iugT
                                                                                                                                                                                                                                                                                      MD5:5B1A50D8DE4B41C71F0651700B974704
                                                                                                                                                                                                                                                                                      SHA1:D716B1C83B1C712C44AD9B85B58641E94380FC42
                                                                                                                                                                                                                                                                                      SHA-256:B1DA64A1E88EE48F5AF10B808A2EE6BF960A73905BCCC442D96EC796024ACD25
                                                                                                                                                                                                                                                                                      SHA-512:F4AC8075E415A7CB909F988841C032F899532E4DA1233C8AEF6C8CF4583A262204A04F91F60729468E354331F461095646352175ACD4C07A7BB943D78536BAA2
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"extensions":{"settings":{"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379166307621066","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379166307621066","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.officeapps.live.com.mcas.ms/*","https://*onenote.officeapps.live.com.mcas.ms/*","https://*word-edit.officeapps.live.com.mcas.ms/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\heavy_ad_intervention_opt_out.db

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16384
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.35226517389931394
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:TLC+waBg9LBgVDBgQjiZBgKuFtuQkMbmgcVAzO5kMCgGUg5OR:TLPdBgtBgJBgQjiZS53uQFE27MCgGZsR
                                                                                                                                                                                                                                                                                      MD5:D2CCDC36225684AAE8FA563AFEDB14E7
                                                                                                                                                                                                                                                                                      SHA1:3759649035F23004A4C30A14C5F0B54191BEBF80
                                                                                                                                                                                                                                                                                      SHA-256:080AEE864047C67CB1586A5BA5EDA007AFD18ECC2B702638287E386F159D7AEE
                                                                                                                                                                                                                                                                                      SHA-512:1A915AF643D688CA68AEDC1FF26C407D960D18DFDE838B417C437D7ADAC7B91C906E782DCC414784E64287915BD1DE5BB6A282E59AA9FEB8C384B4D4BC5F70EC
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.......Q......Q......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):195
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.7998631831187235
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:VVXntjQPEnjQvxljljljljljljl:/XntM+4ljljljljljljl
                                                                                                                                                                                                                                                                                      MD5:00C0DEFAC69CFE6E18C6FD4D684D6625
                                                                                                                                                                                                                                                                                      SHA1:F80E1AB029E1116EE2FE85B2ECBF0959CCE884A7
                                                                                                                                                                                                                                                                                      SHA-256:1FCAFCF037F8CE32A6EB94539F4A7D67FC51FE2BD8EDBD95C1D0322841EEC8A2
                                                                                                                                                                                                                                                                                      SHA-512:C9411AEDDD3937D778BFE37FD489409E49304EBF3D3E7D686BDE4EE9C71E23A57224B622902948AD4BB422FFF3FB9386D02F956807FFF0185E9EF99FA2E157CF
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:A..r.................20_1_1...1.,U.................20_1_1...1..&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):291
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.412435398940084
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0n1wknaZ5Sw754rl2KLl1Tf0mVH39+q2PwknaZ5Sw754rK+IFUv:prHSw75qLZHIvYrHSw7553FUv
                                                                                                                                                                                                                                                                                      MD5:CF28FB5FCCD00CF4B2942544B068B17E
                                                                                                                                                                                                                                                                                      SHA1:C819294D10E7ED7FE9B6ADBC7F955FF6BC8CF522
                                                                                                                                                                                                                                                                                      SHA-256:541BFE4954CCA515B350A348379349BF7FE58D54D298C6FD86043134EE0CFB07
                                                                                                                                                                                                                                                                                      SHA-512:8593607CC6E7895AF6CA71333D42B48B9BBD6A9DC02C6F10062EC29266AE22D516202082973D8B41A22894C237BB18979CC1BD077BC890BE6207AA5D8CC0D167
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:07.785 f98 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db since it was missing..2024/12/20-06:05:07.797 f98 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):443
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.8607946201633463
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:G0Xtqcsqc9Ct3msNJ4mv1m9p//3mQtmF2lHDNm8L/3mtyWmF2lpgll1mF2lA3m8e:G0nYUtTNop//z3p/F+iPAHlT0
                                                                                                                                                                                                                                                                                      MD5:364DFD4B8549676511C5040355D18C46
                                                                                                                                                                                                                                                                                      SHA1:C4E6FD741615C440860F5581962E5F533819D136
                                                                                                                                                                                                                                                                                      SHA-256:325CC7FA8CB19396ADA70323CDA06CE125364E5D754825D47950F6A7BA31A236
                                                                                                                                                                                                                                                                                      SHA-512:CCB5500742B49D6609C83C72BF4E8EA46C9B3EF684B85643E7B63DA4ABE29435C7EC726FA17C244E0C18760699AFE8E4076CDD777A6354413461E423919E31DB
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_......Q...................20_.......w<.................20_.......ln.................19_......Y...................18_.....%.{..................9_.....f..U.................9_.....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):309
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.382945347220158
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:PTf0s/k1wknaZ5Sw754rzs52KLl1Tf0q0At+q2PwknaZ5Sw754rzAdIFUv:p7rHSw7559LovYrHSw75uFUv
                                                                                                                                                                                                                                                                                      MD5:2247350CA8AD03E81B0645DD732B3CB1
                                                                                                                                                                                                                                                                                      SHA1:AF6553EBFD4B07BAF1FD73FD7324F25CED7C2EA9
                                                                                                                                                                                                                                                                                      SHA-256:9AC395ACB4EDCE154CC62580060464FF8A716FF9E14CFDC7BBE7FF2491A4666E
                                                                                                                                                                                                                                                                                      SHA-512:AA7B9F34B8BA5EACF867F93F726F1E8C3AA0794286FE52FCCA0E365A96F1A3BFFFE3FB8D10F47A5B1FC0EABDC65B38181E2C3518F4689D83997D41C3C6CB514E
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:2024/12/20-06:05:07.734 f98 Creating DB C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata since it was missing..2024/12/20-06:05:07.759 f98 Reusing MANIFEST C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Default\shared_proto_db\metadata\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GrShaderCache\data_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                      MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                      SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                      SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                      SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GrShaderCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                      MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                      SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                      SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                      SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GrShaderCache\data_2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                      MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                      SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                      SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                      SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GrShaderCache\data_3

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                      MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                      SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                      SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                      SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GrShaderCache\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):262512
                                                                                                                                                                                                                                                                                      Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:LsNl9Ci:Ls3g
                                                                                                                                                                                                                                                                                      MD5:D8411340B115E66D21F9B19797ECBD1D
                                                                                                                                                                                                                                                                                      SHA1:99F974CCF07797D7768DAF854EBAC2CD4BCDAE41
                                                                                                                                                                                                                                                                                      SHA-256:1892AE661B569DE593F0BD70C0F37D6104F386548EAE870D443EADC0C5C06A45
                                                                                                                                                                                                                                                                                      SHA-512:2460C4F88D50F007B301CD983F930093BC3F6573372D8AB3A29A0DEFB6A555B7785197167AA8AA5327F9C9C226EED252C61E3811E300234E7AF5B184811B5BBE
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:........................................ |4.G./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GraphiteDawnCache\data_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                      MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                      SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                      SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                      SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GraphiteDawnCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                      MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                      SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                      SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                      SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GraphiteDawnCache\data_2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                      MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                      SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                      SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                      SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GraphiteDawnCache\data_3

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                      MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                      SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                      SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                      SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\GraphiteDawnCache\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):262512
                                                                                                                                                                                                                                                                                      Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:LsNlpXOa:Ls39Oa
                                                                                                                                                                                                                                                                                      MD5:915722E3499686F5F6494CFA8540B72E
                                                                                                                                                                                                                                                                                      SHA1:54ED94B465F67DB3D88090D33955671DE7EE7193
                                                                                                                                                                                                                                                                                      SHA-256:93FFE479A0493E77D0A119C9E7A317AA01B8F07F55E1EC0A9C5D9CF1920FB9D4
                                                                                                                                                                                                                                                                                      SHA-512:20EB08A528469D0E398E673F73BA29C464D500AA05E8748A57B99F429DC98B761E2F7F046AD3D57C73BFCD3CF7F3E47260373DCBED945224819328945071A5C1
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:..........................................5.G./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Last Version

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):13
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                      MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                      SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                      SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                      SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State~RF524825.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State~RF524883.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State~RF526f64.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State~RF52c61f.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State~RF535976.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Local State~RF53fc8c.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):949
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.737028626061788
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YKWJu5rrtLewbEE/JLIYB0aeCUWORd9bvXp1QQRCYfYg:Yqf5Ss/B0ZHPRvIB0
                                                                                                                                                                                                                                                                                      MD5:A1BD4309C05CFA03FC4CDD78F9CA4AC5
                                                                                                                                                                                                                                                                                      SHA1:39187647FE9D66EB27848B0D9C33C6BD57CEA1AA
                                                                                                                                                                                                                                                                                      SHA-256:69162179B54E8705C99F2091A794CEC49E9C1EAF06F84C5C3BD38E05ACED0D37
                                                                                                                                                                                                                                                                                      SHA-512:58C7CE9CFE2640651ABAC784CB0E23051F5E7FDD892EA79CCDA8E20C40383FC7DA29D2DAECDF2DF49BBAED8B017E650DF0CD630FDB30A0C833CD91534851DBB5
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"uninstall_metrics":{"installation_date2":"1734692707"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":3395,"pseudo_low_entropy_source":522,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13379166307310326","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\ShaderCache\data_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                      MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                      SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                      SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                      SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\ShaderCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                      MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                      SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                      SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                      SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\ShaderCache\data_2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                      MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                      SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                      SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                      SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\ShaderCache\data_3

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):8192
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                      MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                      SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                      SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                      SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\ShaderCache\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):262512
                                                                                                                                                                                                                                                                                      Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:LsNlQho:Ls3
                                                                                                                                                                                                                                                                                      MD5:55E7F6238CA078BB170F2B55BAF35F8F
                                                                                                                                                                                                                                                                                      SHA1:11B343747B7EF3905403D0064DE55ABD229C846E
                                                                                                                                                                                                                                                                                      SHA-256:ACD02BC4FA499C30E542F2974608F02A239B8FC25D03EE83C4208504F4B8EEA5
                                                                                                                                                                                                                                                                                      SHA-512:DD84760D319AD6F4AB622217ED04F21621D8FA3200F223EDCFBC1E329ACC80570D26E864D4E1C2273D905918F3FFB18EF57789D3E2AD06BCE041E755280505A8
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:..........................................&.G./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\SmartScreen\RemoteData\customSynchronousLookupUris

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):29
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.922828737239167
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:2NGw+K+:fwZ+
                                                                                                                                                                                                                                                                                      MD5:7BAAFE811F480ACFCCCEE0D744355C79
                                                                                                                                                                                                                                                                                      SHA1:24B89AE82313084BB8BBEB9AD98A550F41DF7B27
                                                                                                                                                                                                                                                                                      SHA-256:D5743766AF0312C7B7728219FC24A03A4FB1C2A54A506F337953FBC2C1B847C7
                                                                                                                                                                                                                                                                                      SHA-512:70FE1C197AF507CC0D65E99807D245C896A40A4271BA1121F9B621980877B43019E584C48780951FC1AD2A5D7D146FC6EA4678139A5B38F9B6F7A5F1E2E86BA3
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:customSynchronousLookupUris_0

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\SmartScreen\RemoteData\customSynchronousLookupUris_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35302
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.99333285466604
                                                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                                                      SSDEEP:768:rRhaFePY38QBsj61g3g01LXoDGPpgb8KbMcnjrQCckBuJyqk3x8cBBT:rLP+TBK6ZQLXSsaMcnHQQcox80
                                                                                                                                                                                                                                                                                      MD5:0E06E28C3536360DE3486B1A9E5195E8
                                                                                                                                                                                                                                                                                      SHA1:EB768267F34EC16A6CCD1966DCA4C3C2870268AB
                                                                                                                                                                                                                                                                                      SHA-256:F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C
                                                                                                                                                                                                                                                                                      SHA-512:45F1E909599E2F63372867BC359CF72FD846619DFEB5359E52D5700E0B1BCFFE5FF07606511A3BFFDDD933A0507195439457E4E29A49EB6451F26186B7240041
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:.......murmur3.....IN...9.......0..X..#l....C....]......pv..E..........,..?.N?....V..B-.*.F.1....g|..._.>'.-(V... .=.7P.m....#}.r.....>.LE...G.A.h5........J..=..L^-.Zl++,..h..o.y..~j.]u...W...&s.........M..........h3b..[.5.]..V^w.........a.*...6g3..%.gy../{|Z.B..X.}5.]..t.1.H&B.[.).$Y......2....L.t...{...[WE.yy.]..e.v0..\.J3..T.`1Lnh.../..-=w...W.&N7.nz.P...z......'i..R6....../....t.[..&-.....T&l..e....$.8.."....Iq....J.v..|.6.M...zE...a9uw..'.$6.L..m$......NB).JL.G.7}8(`....J.)b.E.m...c.0I.V...|$....;.k.......*8v..l.:..@.F.........K..2...%(...kA......LJd~._A.N.....$3...5....Z"...X=.....%.........6.k.....F..1..l,ia..i.i....y.M..Cl.....*...}.I..r..-+=b.6....%...#...W..K.....=.F....~.....[.......-...../;....~.09..d.....GR..H.lR...m.Huh9.:..A H./)..D.F..Y.n7.....7D.O.a;>Z.K....w...sq..qo3N...8@.zpD.Ku......+.Z=.zNFgP._@.z.ic.......3.....+..j...an%...X..7.q..A.l.7.S2..+....1.s.b..z...@v..!.y...N.C.XQ.p.\..x8(.<.....cq.(

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):18
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.5724312513221195
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:kDnaV6bVon:kDYa2
                                                                                                                                                                                                                                                                                      MD5:5692162977B015E31D5F35F50EFAB9CF
                                                                                                                                                                                                                                                                                      SHA1:705DC80E8B32AC8B68F7E13CF8A75DCCB251ED7D
                                                                                                                                                                                                                                                                                      SHA-256:42CCB5159B168DBE5D5DDF026E5F7ED3DBF50873CFE47C7C3EF0677BB07B90D4
                                                                                                                                                                                                                                                                                      SHA-512:32905A4CC5BCE0FE8502DDD32096F40106625218BEDC4E218A344225D6DF2595A7B70EEB3695DCEFDD894ECB2B66BED479654E8E07F02526648E07ACFE47838C
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:edgeSettings_2.0-0

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\SmartScreen\RemoteData\edgeSettings_2.0-0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3581
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.459693941095613
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:JTMhnytNaSA4BOsNQNhnUZTFGKDIWHCgL5tfHaaJzRHF+P1sYmnfHUdT+GWBH7Y/:KyMot7vjFU
                                                                                                                                                                                                                                                                                      MD5:BDE38FAE28EC415384B8CFE052306D6C
                                                                                                                                                                                                                                                                                      SHA1:3019740AF622B58D573C00BF5C98DD77F3FBB5CD
                                                                                                                                                                                                                                                                                      SHA-256:1F4542614473AE103A5EE3DEEEC61D033A40271CFF891AAA6797534E4DBB4D20
                                                                                                                                                                                                                                                                                      SHA-512:9C369D69298EBF087412EDA782EE72AFE5448FD0D69EA5141C2744EA5F6C36CDF70A51845CDC174838BAC0ADABDFA70DF6AEDBF6E7867578AE7C4B7805A8B55E
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"models":[],"geoidMaps":{"gw_my":"https://malaysia.smartscreen.microsoft.com/","gw_tw":"https://taiwan.smartscreen.microsoft.com/","gw_at":"https://austria.smartscreen.microsoft.com/","gw_es":"https://spain.smartscreen.microsoft.com/","gw_pl":"https://poland.smartscreen.microsoft.com/","gw_se":"https://sweden.smartscreen.microsoft.com/","gw_kr":"https://southkorea.smartscreen.microsoft.com/","gw_br":"https://brazil.smartscreen.microsoft.com/","au":"https://australia.smartscreen.microsoft.com/","dk":"https://denmark.smartscreen.microsoft.com/","gw_sg":"https://singapore.smartscreen.microsoft.com/","gw_fr":"https://france.smartscreen.microsoft.com/","gw_ca":"https://canada.smartscreen.microsoft.com/","test":"https://eu-9.smartscreen.microsoft.com/","gw_il":"https://israel.smartscreen.microsoft.com/","gw_au":"https://australia.smartscreen.microsoft.com/","gw_ffl4mod":"https://unitedstates4.ss.wd.microsoft.us/","gw_ffl4":"https://unitedstates1.ss.wd.microsoft.us/","gw_eu":"https://europe.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):47
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.493433469104717
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:kfKbQSQSuLA5:kyUc5
                                                                                                                                                                                                                                                                                      MD5:3F90757B200B52DCF5FDAC696EFD3D60
                                                                                                                                                                                                                                                                                      SHA1:569A2E1BED9ECCDF7CD03E270AEF2BD7FF9B0E77
                                                                                                                                                                                                                                                                                      SHA-256:1EE63F0A3502CFB7DF195FABBA41A7805008AB2CCCDAEB9AF990409D163D60C8
                                                                                                                                                                                                                                                                                      SHA-512:39252BBAA33130DF50F36178A8EAB1D09165666D8A229FBB3495DD01CBE964F87CD2E6FCD479DFCA36BE06309EF18FEDA7F14722C57545203BBA24972D4835C8
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:synchronousLookupUris_636976985063396749.rel.v2

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35302
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.99333285466604
                                                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                                                      SSDEEP:768:rRhaFePY38QBsj61g3g01LXoDGPpgb8KbMcnjrQCckBuJyqk3x8cBBT:rLP+TBK6ZQLXSsaMcnHQQcox80
                                                                                                                                                                                                                                                                                      MD5:0E06E28C3536360DE3486B1A9E5195E8
                                                                                                                                                                                                                                                                                      SHA1:EB768267F34EC16A6CCD1966DCA4C3C2870268AB
                                                                                                                                                                                                                                                                                      SHA-256:F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C
                                                                                                                                                                                                                                                                                      SHA-512:45F1E909599E2F63372867BC359CF72FD846619DFEB5359E52D5700E0B1BCFFE5FF07606511A3BFFDDD933A0507195439457E4E29A49EB6451F26186B7240041
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:.......murmur3.....IN...9.......0..X..#l....C....]......pv..E..........,..?.N?....V..B-.*.F.1....g|..._.>'.-(V... .=.7P.m....#}.r.....>.LE...G.A.h5........J..=..L^-.Zl++,..h..o.y..~j.]u...W...&s.........M..........h3b..[.5.]..V^w.........a.*...6g3..%.gy../{|Z.B..X.}5.]..t.1.H&B.[.).$Y......2....L.t...{...[WE.yy.]..e.v0..\.J3..T.`1Lnh.../..-=w...W.&N7.nz.P...z......'i..R6....../....t.[..&-.....T&l..e....$.8.."....Iq....J.v..|.6.M...zE...a9uw..'.$6.L..m$......NB).JL.G.7}8(`....J.)b.E.m...c.0I.V...|$....;.k.......*8v..l.:..@.F.........K..2...%(...kA......LJd~._A.N.....$3...5....Z"...X=.....%.........6.k.....F..1..l,ia..i.i....y.M..Cl.....*...}.I..r..-+=b.6....%...#...W..K.....=.F....~.....[.......-...../;....~.09..d.....GR..H.lR...m.Huh9.:..A H./)..D.F..Y.n7.....7D.O.a;>Z.K....w...sq..qo3N...8@.zpD.Ku......+.Z=.zNFgP._@.z.ic.......3.....+..j...an%...X..7.q..A.l.7.S2..+....1.s.b..z...@v..!.y...N.C.XQ.p.\..x8(.<.....cq.(

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Variations

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):86
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQan:YQ3Kq9X0dMgAEwjM
                                                                                                                                                                                                                                                                                      MD5:961E3604F228B0D10541EBF921500C86
                                                                                                                                                                                                                                                                                      SHA1:6E00570D9F78D9CFEBE67D4DA5EFE546543949A7
                                                                                                                                                                                                                                                                                      SHA-256:F7B24F2EB3D5EB0550527490395D2F61C3D2FE74BB9CB345197DAD81B58B5FED
                                                                                                                                                                                                                                                                                      SHA-512:535F930AFD2EF50282715C7E48859CC2D7B354FF4E6C156B94D5A2815F589B33189FFEDFCAF4456525283E993087F9F560D84CFCF497D189AB8101510A09C472
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":0}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\a9d34ddb-5123-4436-9fab-40681ed3cc1d.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):17567
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.06418559058222
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:dtMkaMJH2m8qVT8IeQ0I5t0b9MEFqNBS89VeipVDM8:XMkbJrT8IeQc5aMipVDj
                                                                                                                                                                                                                                                                                      MD5:241D38D179AC2616991D2D2CFFD490D5
                                                                                                                                                                                                                                                                                      SHA1:C560222AC9D15F1629A51B9937897EBA69FC6636
                                                                                                                                                                                                                                                                                      SHA-256:F0D2CAFDDCA1290C0F8598D1FD3EE4460DBBB02A0CA4303B105EC91E12459BDB
                                                                                                                                                                                                                                                                                      SHA-512:AAA557B2566762B9A6A8E7A11FAC9C3647C04BFE87F95DD10BF0FFEE93BC3F5CBF7DD64C86911489DCB7FBE305929EE6100F0CCB3490C06647B327385E3A2E26
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9bg4RrXXMpaCsrtm158Ii7QF+b2Xe4pcP9WmmQQPfW3MPK3vutAkF92eZ7P7Xw59TAM/Xo+dJlBvYcfjI+KQYiMwDeq8wvchf+8fPfPPLcZ/KFm8bG4FljbVPigsVWQEqHL2vBay66hdg1F7Kydil8K9Pwl4LVThXUnCL448fFvVayoDCWsdbVqNMUlJkiPsBWAMpciK6VFzCA4g6Ya+AgMj+8/wkfpDfC4Y2ZPYK8UE

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\d717a500-8266-4674-9c9f-46e167188fc4.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2899
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.3064299563482935
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YDEFMsFiHGS0af5Ssk3p8QSh/cIgwLURMYXylVotoWP5K1DqHB+sdrxIB0ZH7RRZ:PNkGS1f5A58rh/cI9URoDotouDBBKSZ9
                                                                                                                                                                                                                                                                                      MD5:1B7443F059F09F82A411D3636D9422DA
                                                                                                                                                                                                                                                                                      SHA1:15F571E13B3112079BF8D0EA1FCDC278E505B633
                                                                                                                                                                                                                                                                                      SHA-256:63326E751E2CC759813648958B90058ADD90274AD824D6336B9207834AC6FB18
                                                                                                                                                                                                                                                                                      SHA-512:FBDB57EF93AFFB3087407F3B48FECF3C1AAC4CA1D5F79787C4D70D5C7C04BCFA09724562964F61A8A0D93D6129226B646A98B5923FFA570D18FDDFEFEADC3E8E
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA+ie4dovOsTaFMEnLRJUCCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAAAnbI75Mc3PMpwf2vxVvhatxapykcsSNF9ztEP0njLDYQAAAAAOgAAAAAIAACAAAABL1/XcnJ15zrzEkZyF5LxZVNB6uVndTQZGnX234gSMfDAAAABG5OubdjwCshwdBTLx9Sih3PUPqAYBzVbZ+5olUJ9F2Pl4NqIgxTyIKw7JK/lz4zdAAAAAwJ/rYmv/mF5nWFmvJFyEIfL7qzVnS2Z5HJOTnGbHNt4mWa892oC4MQN5zqdvFGc5Gmgg1bQOiacRgcahB+dlaA=="},"policy":{"last_statistics_update":"13379166307548831"},"profile":{"info_cache":{"Default":{"avatar_icon":"chrome://t

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\e557a40d-460e-4cdd-a10e-40f85bb60c76.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16333
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.069645245659573
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:dtMkaMJH2m8qVT8IeQ0I5t0b9MEFBNBS89cVDM8:XMkbJrT8IeQc5fcVDj
                                                                                                                                                                                                                                                                                      MD5:EC23ABAD81A73EE9BFDD22C216AE297F
                                                                                                                                                                                                                                                                                      SHA1:C1FF9AB374DE42E5A3C0251BC178BB7FB6624577
                                                                                                                                                                                                                                                                                      SHA-256:A9BAC8C0C2072A9ED34A49A524B2A269ABE0782442FB123D2C394E53EC49DD6D
                                                                                                                                                                                                                                                                                      SHA-512:5AF41791726A910D8AB4A78DE975E7FD58C9AFEEF40EE482B6CC8F7D88CCCAEE329D5942ADB605837DF2C2DD9ECC5DE5C5C66085ACB7DC5372747A0122397028
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Preview:{"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9bg4RrXXMpaCsrtm158Ii7QF+b2Xe4pcP9WmmQQPfW3MPK3vutAkF92eZ7P7Xw59TAM/Xo+dJlBvYcfjI+KQYiMwDeq8wvchf+8fPfPPLcZ/KFm8bG4FljbVPigsVWQEqHL2vBay66hdg1F7Kydil8K9Pwl4LVThXUnCL448fFvVayoDCWsdbVqNMUlJkiPsBWAMpciK6VFzCA4g6Ya+AgMj+8/wkfpDfC4Y2ZPYK8UE

                                                                                                                                                                                                                                                                                      Static File Info

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      File type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.976321178425901
                                                                                                                                                                                                                                                                                      TrID:
                                                                                                                                                                                                                                                                                      • Win64 Executable (generic) (12005/4) 74.95%
                                                                                                                                                                                                                                                                                      • Generic Win/DOS Executable (2004/3) 12.51%
                                                                                                                                                                                                                                                                                      • DOS Executable Generic (2002/1) 12.50%
                                                                                                                                                                                                                                                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.04%
                                                                                                                                                                                                                                                                                      File name:Ocean-T2I4I8O9.exe
                                                                                                                                                                                                                                                                                      File size:6'023'056 bytes
                                                                                                                                                                                                                                                                                      MD5:1deedf7edd7b1affcb7555d9ed27eb48
                                                                                                                                                                                                                                                                                      SHA1:56d6f32a9e1e0039ebcdfe1c38e29ef9b29ced3c
                                                                                                                                                                                                                                                                                      SHA256:ae241c1570038da5a64118b448d5220109a2f2bdb36dde8e12b990d3a74aac1a
                                                                                                                                                                                                                                                                                      SHA512:370f600bc47148c449dde8b8edd5e5621bde00f733024c640701384c15fc98efd6d4b0824a347b80bcdd617a517192f0d5388b73873e12f4b902e36131322b71
                                                                                                                                                                                                                                                                                      SSDEEP:98304:cvmChIZOfDv9W2FlRTbcbsvpBZPjsetNuQesutVSwkUBODHx91BxyTxSD4U3jQ+:WJeZOfDv9llRRnZrsetNuQokUBOl3yl+
                                                                                                                                                                                                                                                                                      TLSH:765623FDE48B7AF0C181F7B02903A0AFB1E87B5089629C55BBCD5D094E1B51B8DB3649
                                                                                                                                                                                                                                                                                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d................./....*.f1..,g................@......................................\... ... ............................

                                                                                                                                                                                                                                                                                      File Icon

                                                                                                                                                                                                                                                                                      Icon Hash:852426e470341149

                                                                                                                                                                                                                                                                                      Static PE Info

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Entrypoint:0x140a1d499
                                                                                                                                                                                                                                                                                      Entrypoint Section:.WK\
                                                                                                                                                                                                                                                                                      Digitally signed:true
                                                                                                                                                                                                                                                                                      Imagebase:0x140000000
                                                                                                                                                                                                                                                                                      Subsystem:windows gui
                                                                                                                                                                                                                                                                                      Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, LARGE_ADDRESS_AWARE, DEBUG_STRIPPED
                                                                                                                                                                                                                                                                                      DLL Characteristics:HIGH_ENTROPY_VA, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                      Time Stamp:0x0 [Thu Jan 1 00:00:00 1970 UTC]
                                                                                                                                                                                                                                                                                      TLS Callbacks:0x40a26821, 0x1, 0x402e7920, 0x1, 0x402e78f0, 0x1, 0x402f8240, 0x1
                                                                                                                                                                                                                                                                                      CLR (.Net) Version:
                                                                                                                                                                                                                                                                                      OS Version Major:6
                                                                                                                                                                                                                                                                                      OS Version Minor:1
                                                                                                                                                                                                                                                                                      File Version Major:6
                                                                                                                                                                                                                                                                                      File Version Minor:1
                                                                                                                                                                                                                                                                                      Subsystem Version Major:6
                                                                                                                                                                                                                                                                                      Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                      Import Hash:cbe8644e13f1c846eb245f6680cb9982

                                                                                                                                                                                                                                                                                      Authenticode Signature

                                                                                                                                                                                                                                                                                      Signature Valid:true
                                                                                                                                                                                                                                                                                      Signature Issuer:CN=SSL.com Code Signing Intermediate CA RSA R1, O=SSL Corp, L=Houston, S=Texas, C=US
                                                                                                                                                                                                                                                                                      Signature Validation Error:The operation completed successfully
                                                                                                                                                                                                                                                                                      Error Number:0
                                                                                                                                                                                                                                                                                      Not Before, Not After
                                                                                                                                                                                                                                                                                      • 21/08/2024 21:52:04 22/08/2025 21:52:04
                                                                                                                                                                                                                                                                                      Subject Chain
                                                                                                                                                                                                                                                                                      • CN=Gaston Dallavalle, O=Gaston Dallavalle, L=C\xf3rdoba, S=C\xf3rdoba Province, C=AR
                                                                                                                                                                                                                                                                                      Version:3
                                                                                                                                                                                                                                                                                      Thumbprint MD5:10F6963F55F7D2E2CE7AE049DFC33576
                                                                                                                                                                                                                                                                                      Thumbprint SHA-1:136F25913D0541D6859100F172A64029F75C262F
                                                                                                                                                                                                                                                                                      Thumbprint SHA-256:7564DF3A00667FDFA8DE91277DA1EB009F814632817FA17577DFF12B6AD43BF4
                                                                                                                                                                                                                                                                                      Serial:1BA33AC4A8ACCCFD4C93CF593B32E05F

                                                                                                                                                                                                                                                                                      Entrypoint Preview

                                                                                                                                                                                                                                                                                      Instruction
                                                                                                                                                                                                                                                                                      call 00007FA2A5580748h
                                                                                                                                                                                                                                                                                      pop ebp
                                                                                                                                                                                                                                                                                      pop ebx
                                                                                                                                                                                                                                                                                      sbb ebp, dword ptr [edi-0B58D022h]
                                                                                                                                                                                                                                                                                      dec edi
                                                                                                                                                                                                                                                                                      or al, E1h
                                                                                                                                                                                                                                                                                      inc esi
                                                                                                                                                                                                                                                                                      push ecx
                                                                                                                                                                                                                                                                                      add esi, ecx
                                                                                                                                                                                                                                                                                      sbb cl, cl
                                                                                                                                                                                                                                                                                      into
                                                                                                                                                                                                                                                                                      cwde
                                                                                                                                                                                                                                                                                      mov eax, 49E9A571h
                                                                                                                                                                                                                                                                                      xor eax, CE6717B2h
                                                                                                                                                                                                                                                                                      retn C68Eh
                                                                                                                                                                                                                                                                                      pop edx
                                                                                                                                                                                                                                                                                      insd
                                                                                                                                                                                                                                                                                      enter 1198h, 25h
                                                                                                                                                                                                                                                                                      imul ebp, dword ptr [ecx-0Bh], A60F67E2h
                                                                                                                                                                                                                                                                                      retn 5EEEh
                                                                                                                                                                                                                                                                                      loop 00007FA2A534C35Fh
                                                                                                                                                                                                                                                                                      lodsd
                                                                                                                                                                                                                                                                                      sub ah, byte ptr [ebp-55h]
                                                                                                                                                                                                                                                                                      cdq
                                                                                                                                                                                                                                                                                      jne 00007FA2A534C449h
                                                                                                                                                                                                                                                                                      and ebp, dword ptr [edi+edx*2]
                                                                                                                                                                                                                                                                                      jecxz 00007FA2A534C3BAh
                                                                                                                                                                                                                                                                                      and byte ptr [esi], cl
                                                                                                                                                                                                                                                                                      dec ebx
                                                                                                                                                                                                                                                                                      cwde
                                                                                                                                                                                                                                                                                      adc byte ptr [esp+edx*4-6F8BE561h], al
                                                                                                                                                                                                                                                                                      popfd
                                                                                                                                                                                                                                                                                      mov eax, dword ptr [E0D246A9h]
                                                                                                                                                                                                                                                                                      bound ecx, dword ptr [edi+3Ah]
                                                                                                                                                                                                                                                                                      pop ss
                                                                                                                                                                                                                                                                                      xor ebp, dword ptr [edi+eax]
                                                                                                                                                                                                                                                                                      clc
                                                                                                                                                                                                                                                                                      popad
                                                                                                                                                                                                                                                                                      jnc 00007FA2A534C3FAh
                                                                                                                                                                                                                                                                                      aam 55h
                                                                                                                                                                                                                                                                                      out 05h, al
                                                                                                                                                                                                                                                                                      sub byte ptr [esi+16h], al
                                                                                                                                                                                                                                                                                      and byte ptr [ebx], FFFFFF83h
                                                                                                                                                                                                                                                                                      sbb al, 3Ah
                                                                                                                                                                                                                                                                                      int 8Dh
                                                                                                                                                                                                                                                                                      pop edx
                                                                                                                                                                                                                                                                                      inc ebp
                                                                                                                                                                                                                                                                                      inc esi
                                                                                                                                                                                                                                                                                      and ch, bh
                                                                                                                                                                                                                                                                                      jmp far fword ptr [ebx+3AAE52B1h]
                                                                                                                                                                                                                                                                                      int 8Dh
                                                                                                                                                                                                                                                                                      pop edx
                                                                                                                                                                                                                                                                                      inc ebp
                                                                                                                                                                                                                                                                                      inc esi
                                                                                                                                                                                                                                                                                      xor al, 02h
                                                                                                                                                                                                                                                                                      jl 00007FA2A534C39Dh
                                                                                                                                                                                                                                                                                      lahf
                                                                                                                                                                                                                                                                                      insb
                                                                                                                                                                                                                                                                                      imul byte ptr [2BE8A032h]
                                                                                                                                                                                                                                                                                      adc dword ptr [eax-31h], 2Eh
                                                                                                                                                                                                                                                                                      push ebp
                                                                                                                                                                                                                                                                                      and byte ptr [edx+45h], bl
                                                                                                                                                                                                                                                                                      inc esi
                                                                                                                                                                                                                                                                                      aad 8Bh
                                                                                                                                                                                                                                                                                      hlt
                                                                                                                                                                                                                                                                                      pop ebx
                                                                                                                                                                                                                                                                                      enter 487Ah, 5Ch
                                                                                                                                                                                                                                                                                      cmp eax, D6035129h
                                                                                                                                                                                                                                                                                      xor bh, bl
                                                                                                                                                                                                                                                                                      aaa
                                                                                                                                                                                                                                                                                      and eax, 4124FD6Ah
                                                                                                                                                                                                                                                                                      sbb dword ptr [esi-4CBCCA9Fh], esp
                                                                                                                                                                                                                                                                                      push edx
                                                                                                                                                                                                                                                                                      add eax, 46455BD5h

                                                                                                                                                                                                                                                                                      Data Directories

                                                                                                                                                                                                                                                                                      NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXPORT0xc46d280x97.WK\
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IMPORT0xa576a80xdc.WK\
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0xe8c0000x2e9f.rsrc
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0xe743e00x17b08.WK\
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x5bc2000x2590.rdata
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_TLS0xc8b7200x28.WK\
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IAT0x8d30000xc8.2KL
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                      Sections

                                                                                                                                                                                                                                                                                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                      .text0x10000x3164780x0d41d8cd98f00b204e9800998ecf8427eunknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .data0x3180000x4aca00x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .rdata0x3630000x2e3f400x0d41d8cd98f00b204e9800998ecf8427eunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .pdata0x6470000x151f80x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .xdata0x65d0000x41840x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .bss0x6620000x4f3000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .edata0x6b20000x970x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .idata0x6b30000x1c800x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .CRT0x6b50000x680x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .tls0x6b60000x100x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .ud}0x6b70000x21baa30x0d41d8cd98f00b204e9800998ecf8427eunknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .2KL0x8d30000xce80xe009d2fb4229ab7f9090d80fe4b64266fc6False0.029296875data0.16346064797867274IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .WK\0x8d40000x5b7ee80x5b800012d99bcd7353cd760d404ad91980f88dunknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_NOT_PAGED, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                      .rsrc0xe8c0000x2e9f0x300016158314a5d90ad3ea830dd5d4a05940False0.919189453125data7.736219487435405IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                      Resources

                                                                                                                                                                                                                                                                                      NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                      RT_ICON0xe8c0e80x2c11PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9675560677244925
                                                                                                                                                                                                                                                                                      RT_GROUP_ICON0xe8ed000x14dataEnglishUnited States1.2
                                                                                                                                                                                                                                                                                      RT_MANIFEST0xe8ed180x187XML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.5805626598465473

                                                                                                                                                                                                                                                                                      Imports

                                                                                                                                                                                                                                                                                      DLLImport
                                                                                                                                                                                                                                                                                      ADVAPI32.dllRegCloseKey
                                                                                                                                                                                                                                                                                      KERNEL32.dllAddVectoredContinueHandler
                                                                                                                                                                                                                                                                                      msvcrt.dll___lc_codepage_func
                                                                                                                                                                                                                                                                                      ole32.dllCoInitializeEx
                                                                                                                                                                                                                                                                                      SHELL32.dllSHGetFolderPathW
                                                                                                                                                                                                                                                                                      SHLWAPI.dllPathCombineW
                                                                                                                                                                                                                                                                                      USER32.dllAdjustWindowRect
                                                                                                                                                                                                                                                                                      VERSION.dllGetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                      KERNEL32.dllGetSystemTimeAsFileTime
                                                                                                                                                                                                                                                                                      KERNEL32.dllHeapAlloc, HeapFree, ExitProcess, GetModuleHandleA, LoadLibraryA, GetProcAddress

                                                                                                                                                                                                                                                                                      Exports

                                                                                                                                                                                                                                                                                      NameOrdinalAddress
                                                                                                                                                                                                                                                                                      _cgo_dummy_export10x1406b0650
                                                                                                                                                                                                                                                                                      _webviewBindingGoCallback20x1402dd080
                                                                                                                                                                                                                                                                                      _webviewDispatchGoCallback30x1402dd040

                                                                                                                                                                                                                                                                                      Possible Origin

                                                                                                                                                                                                                                                                                      Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                      EnglishUnited States

                                                                                                                                                                                                                                                                                      Network Behavior

                                                                                                                                                                                                                                                                                      Network Port Distribution

                                                                                                                                                                                                                                                                                      TCP Packets

                                                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.975754976 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.975800037 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.975895882 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.977190971 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.977205038 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.194045067 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.194293022 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.194314003 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.194470882 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.194474936 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.195635080 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.195705891 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.251696110 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.251804113 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.252551079 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.252563000 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.299952984 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.715538979 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.715634108 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.715689898 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.763572931 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.763616085 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.763632059 CET49732443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.763637066 CET44349732104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.764983892 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.884648085 CET8049733104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.884763002 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.896004915 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.015603065 CET8049733104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.981288910 CET8049733104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.982928991 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.982984066 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.983064890 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.983529091 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.983545065 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:06.030611038 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.197556019 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.202032089 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.202063084 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.202147961 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.202153921 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.203721046 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.203804970 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.212516069 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.212666035 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.212718964 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.259387016 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.260082960 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.260118961 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.313029051 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.731323004 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.731389046 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.731446028 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.815907955 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.815936089 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.815968037 CET49734443192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:07.815975904 CET44349734104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.378813982 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.378875971 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379065990 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379091978 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379172087 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379542112 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379544973 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379549980 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379573107 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379575968 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379654884 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.379657984 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.380641937 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.380641937 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.380666971 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.380683899 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.380839109 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.380851984 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.391380072 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.391391993 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.392993927 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.393002033 CET4974780192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.393004894 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.393310070 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.404099941 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.404110909 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.495857000 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.512602091 CET8049747151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.515491962 CET4974780192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.515491962 CET4974780192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.615571022 CET8049749151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.623080015 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.635411024 CET8049747151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.831979036 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.951690912 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.955157042 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.955594063 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.075135946 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.596329927 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.598017931 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.598594904 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.600841045 CET8049747151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.601478100 CET8049747151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.601681948 CET4974780192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.601819992 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.601865053 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.601949930 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.601969004 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.602082014 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.602099895 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603269100 CET4974780192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603404999 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603409052 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603473902 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603483915 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603740931 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.603807926 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.608011007 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.608320951 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.608329058 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.612319946 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.612376928 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.613080978 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.613158941 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.613334894 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.613353968 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.616951942 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.617217064 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.617223978 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.618206024 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.618256092 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629254103 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629345894 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629349947 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629544973 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629559994 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629595995 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629601002 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629890919 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.629964113 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.630033016 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.630043030 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.630078077 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.645438910 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.645514965 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.645657063 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.645664930 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.684346914 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.684756994 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.684767962 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.704615116 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.723838091 CET8049747151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.725141048 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.743154049 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.743175030 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.743231058 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.743438959 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.743449926 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.797699928 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.797806025 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039385080 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039437056 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039474964 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039490938 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039526939 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039573908 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.039582968 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.041088104 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.041189909 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.041240931 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042438030 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042491913 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042529106 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042531013 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042541981 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042581081 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042609930 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042610884 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042623043 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.042649984 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.046479940 CET49743443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.046500921 CET44349743104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.047702074 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.047743082 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.047753096 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.047986031 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.048022032 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.048078060 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.051069975 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.051120996 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.051129103 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.051573992 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.051589966 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.052649021 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.052871943 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.052917004 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.053389072 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.053395033 CET44349741104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.053422928 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.053440094 CET49741443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.054105997 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.054136992 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.054188967 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.054408073 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.054418087 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.056102037 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.056149960 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.056158066 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.064697981 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.064754963 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.064768076 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.067430019 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.067478895 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.067492962 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.071743011 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.071810961 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.072004080 CET49742443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.072032928 CET44349742104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.077866077 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.116858006 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.116996050 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.117039919 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.117623091 CET49746443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.117630005 CET44349746172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.118196011 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.118232012 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.119096041 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.119272947 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.119286060 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.145272970 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.163407087 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.167232037 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.167298079 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.222734928 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.222754002 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.222815037 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.223002911 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.223015070 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.235069036 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.236592054 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.236762047 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.236829042 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.239094973 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.244476080 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.252218962 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.252274036 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.252325058 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.252341986 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.255095959 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.259977102 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.260091066 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.260143042 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.260212898 CET49740443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.260242939 CET44349740104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.568432093 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.568512917 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.568588018 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.568869114 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.568903923 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.574151039 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.574196100 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.574259043 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.574407101 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.574419975 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.958950996 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.961364985 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.961391926 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.962838888 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.962904930 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.964185953 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.964292049 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.964478016 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.011332035 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.134337902 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.134357929 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.263267040 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.263598919 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.263643026 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.264695883 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.264758110 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.265100002 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.265176058 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.265259981 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.265276909 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.267719030 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.267972946 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.267995119 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.269399881 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.269460917 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.269849062 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.269931078 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.272228956 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.275414944 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.275423050 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.329421997 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.329670906 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.329699039 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.330723047 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.330777884 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.331203938 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.331269026 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.331528902 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.331537962 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.382941961 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.382994890 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.383100986 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.383414984 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.383435011 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.396708012 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.432164907 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.432230949 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.432301044 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.432631016 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.432648897 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.436934948 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.437434912 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.437457085 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.438914061 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.439007044 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.441039085 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.441118956 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.441296101 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.441304922 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.453680038 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.453803062 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.469861984 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.470201969 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.470238924 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.470247984 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.470262051 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.470297098 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.470308065 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.478632927 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.478676081 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.478684902 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.486973047 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.487021923 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.487030029 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.589782953 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.589842081 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.589844942 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.589881897 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.589920998 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.593859911 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.647340059 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.647407055 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.664525032 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.664580107 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.664597034 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.672957897 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673011065 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673018932 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673024893 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673072100 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673078060 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673093081 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673141956 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673388958 CET49751443192.168.2.4151.101.129.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.673403978 CET44349751151.101.129.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.711023092 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.711147070 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.711201906 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.719671965 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.719948053 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.720030069 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.771925926 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.771991014 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772017956 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772036076 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772068024 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772109032 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772243977 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772305012 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772346973 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.772360086 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.780523062 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.780575037 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.780581951 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.797133923 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.797193050 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.797199965 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.799654961 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.800236940 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.800281048 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.801784039 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.801851034 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.803745985 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.803847075 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.806597948 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.808001995 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.808024883 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.808183908 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.808202028 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.809577942 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.809639931 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.810936928 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.811021090 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.811335087 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.811343908 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.851672888 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.851785898 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.878573895 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.878808022 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.878860950 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.878886938 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.878977060 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.879019022 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.879028082 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.880188942 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.880203009 CET44349755185.199.111.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.880217075 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.880240917 CET49755443192.168.2.4185.199.111.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.891431093 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.903345108 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.938922882 CET49752443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.938961983 CET44349752104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.939927101 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.939975977 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940035105 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940315008 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940330029 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940469980 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940469980 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940491915 CET44349753104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.940560102 CET49753443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.941041946 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.941129923 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.941220045 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.941380978 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.941418886 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.965430021 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.965480089 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.965497971 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.975950956 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.975999117 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.976013899 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.983745098 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.983793020 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.983799934 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.991770029 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.991815090 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.991823912 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.999732971 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.999780893 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:15.999789000 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.007817030 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.007864952 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.007872105 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.015805960 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.015851974 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.015858889 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.023866892 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.023907900 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.023915052 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.031913042 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.031965971 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.031972885 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.044712067 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.044764042 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.044773102 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.051074028 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.051114082 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.051120996 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.148708105 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.148716927 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.159598112 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.159631014 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.159657955 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.159667015 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.159732103 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.164581060 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.169372082 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.169466972 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.169472933 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.178601027 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.178607941 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.178757906 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.178765059 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.187401056 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.187482119 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.187491894 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.187580109 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.191798925 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.195882082 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.196027994 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.196033955 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.196134090 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.204474926 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.204482079 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.204595089 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.213056087 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.213063002 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.213135004 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.221678019 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.221684933 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.221781015 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.226423979 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.226432085 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.226525068 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.227714062 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.227787018 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.227905035 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.228167057 CET49756443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.228207111 CET44349756162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.229110003 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.229202986 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.229732990 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.232990026 CET49757443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.233004093 CET44349757172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.234862089 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.235013008 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.243455887 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.243580103 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.247709036 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.248086929 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.350594044 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.351609945 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.355837107 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.355931997 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.362780094 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.362896919 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.369363070 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.369473934 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.372653008 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.372800112 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.379091978 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.379338026 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.385189056 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.385315895 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.388710022 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.388807058 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.394656897 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.394756079 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.401221991 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.401345968 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.404198885 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.404464006 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.410217047 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.410361052 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.416369915 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.416539907 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.419852018 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.420233965 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.427298069 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.427414894 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.430545092 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.430675983 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.436758995 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.436862946 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.443217993 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.443342924 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.446392059 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.446748018 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.452315092 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.452464104 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.458700895 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.459019899 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.461961031 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.462085009 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.555778027 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.555959940 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.557991982 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.558099031 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.562608957 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.562726974 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.565022945 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.565148115 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.569442034 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.569720030 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.573826075 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.573992014 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.578011990 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.578128099 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586415052 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586437941 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586534977 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586548090 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586654902 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586662054 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.586858034 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600557089 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600616932 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600653887 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600661039 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600676060 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600676060 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.600781918 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614187002 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614247084 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614289045 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614304066 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614329100 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614387989 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.614397049 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.622813940 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.623194933 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.623209953 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.624710083 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.625076056 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.626559019 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.626559019 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.626642942 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.627074003 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.627125978 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.627168894 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.627182007 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.627207994 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.640949965 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.641006947 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.641047955 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.641061068 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.641102076 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.652991056 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.653058052 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.653209925 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.653209925 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.653225899 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.656261921 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.667079926 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.667102098 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.668154955 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.668416023 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.668781996 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.668840885 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.669157982 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.669162989 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.718610048 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.718626976 CET44349759162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.718808889 CET49759443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.751792908 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.751857042 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.751898050 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.751909971 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.751934052 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.754661083 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762053967 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762077093 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762124062 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762151957 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762252092 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762300014 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762310982 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.762336016 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771598101 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771656036 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771691084 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771691084 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771727085 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771739006 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771745920 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771759033 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771805048 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.771811008 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.772491932 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.780745029 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.780805111 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.780842066 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.780848026 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.780874014 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.781471968 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788502932 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788548946 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788587093 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788594007 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788619995 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788690090 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.788696051 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796267033 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796307087 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796346903 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796355009 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796389103 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796477079 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796488047 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796525002 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796689987 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.796689987 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.842957973 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.843063116 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.843224049 CET44349760172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.843250990 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:16.843563080 CET49760443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.161880970 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.164249897 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.168159962 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.168225050 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.168343067 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.168359041 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.169697046 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.169770002 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.169795990 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.169847012 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.170156956 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.170248032 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.170574903 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.170654058 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.184717894 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.184751987 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.189280033 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.189286947 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.259805918 CET49754443192.168.2.4172.67.41.16
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.259838104 CET44349754172.67.41.16192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.301037073 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.301048040 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.609958887 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610002995 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610038042 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610066891 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610095978 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610141039 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610141993 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610148907 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610177994 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.610204935 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.617954016 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.618006945 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.618026018 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625236988 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625364065 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625406027 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625423908 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625547886 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625590086 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625597954 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625689030 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625735044 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.625740051 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.626347065 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.626508951 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.626574039 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.636770010 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.636820078 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.636827946 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.644741058 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.644788980 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.644794941 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.719638109 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.719655037 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.719702005 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.744941950 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.801976919 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.802056074 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.802089930 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.813654900 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.813709974 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.813741922 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.821882010 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.821929932 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.821939945 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829104900 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829174042 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829195976 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829231024 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829278946 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829288960 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829334021 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829374075 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829557896 CET49762443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.829571962 CET44349762104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.833863974 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.833914995 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.833933115 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837677002 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837713957 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837719917 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837726116 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837794065 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837798119 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837827921 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.837866068 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.838326931 CET49761443192.168.2.4104.17.248.203
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:17.838340998 CET44349761104.17.248.203192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858228922 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858369112 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858623981 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858690977 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858730078 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858797073 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.859606028 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.859621048 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.860028028 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.860079050 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.860652924 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.860687971 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.860867977 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861382008 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861382961 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861393929 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861427069 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861624002 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861816883 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.861831903 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.069765091 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.070211887 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.070235014 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.070282936 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.071420908 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.071489096 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.071496964 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.072840929 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.080579996 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.080719948 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.080888987 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.080914974 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.081027985 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.081043959 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.081176043 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.081192970 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.082053900 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.082114935 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.082890987 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.082953930 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.084738970 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.084808111 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.087687016 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.087776899 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.097141027 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.097311974 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.097563982 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.097781897 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.154136896 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.154203892 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.154241085 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.154258013 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.169876099 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.169892073 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.169925928 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.169945955 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.298047066 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.298054934 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.344732046 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.345227957 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.874294996 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.874368906 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.874521017 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.874617100 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.874723911 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.874773979 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.876200914 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.876287937 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.876329899 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.878237009 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.878401041 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:34.878459930 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:36.051964998 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:36.172261953 CET8049733104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:57.791995049 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:57.912010908 CET8049749151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:59.152931929 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:59.272851944 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:06.247121096 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:06.368021965 CET8049733104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.081521988 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.081613064 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.081880093 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.081964970 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.082056999 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.082320929 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.082333088 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.082370996 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.082681894 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.082772017 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.292789936 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.293093920 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.293158054 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.294629097 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.294707060 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.294949055 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.295037985 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.296996117 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.297406912 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.297441959 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.300956011 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.301028967 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.301948071 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.302129030 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.351273060 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.351290941 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.502237082 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.502260923 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.549107075 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.699111938 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.906559944 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.906586885 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.906769037 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.906830072 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.954268932 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.954329967 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.954376936 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:19.954413891 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:25.098840952 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:25.098994017 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:25.099245071 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:25.100404978 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:25.100575924 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:25.100672960 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:36.016602039 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:36.136663914 CET8049733104.21.13.90192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:36.136739969 CET4973380192.168.2.4104.21.13.90
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:43.095719099 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:43.215297937 CET8049749151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:44.445030928 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:44.564963102 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:04.991190910 CET49767443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:04.991210938 CET49769443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:04.991234064 CET44349767162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:04.991245985 CET44349769162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:05.054640055 CET49766443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:05.054678917 CET44349766162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:05.054791927 CET49768443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:05.054860115 CET44349768162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:10.197087049 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:10.197160959 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:10.243922949 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:10.243941069 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:28.300813913 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:28.421680927 CET8049749151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:29.653379917 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:29.798641920 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:55.205698013 CET49800443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:55.205765009 CET44349800172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:55.352936029 CET49799443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:55.353003025 CET44349799172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:13.423367977 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:13.543452024 CET8049749151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:14.803123951 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:14.923069000 CET8049750185.199.108.153192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:58.687774897 CET4974980192.168.2.4151.101.65.229
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:58.808352947 CET8049749151.101.65.229192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:59.988939047 CET4975080192.168.2.4185.199.108.153
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:09:00.109100103 CET8049750185.199.108.153192.168.2.4

                                                                                                                                                                                                                                                                                      UDP Packets

                                                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.625577927 CET5934953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.969466925 CET53593491.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.236345053 CET4936853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.236345053 CET5206253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.237757921 CET5637453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.237757921 CET5185753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.238487005 CET5858553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.239067078 CET4974753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.239362955 CET5168953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.240084887 CET5047853192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.240084887 CET5208553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.240441084 CET5603253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.297281027 CET53646531.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.375467062 CET53563741.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.376112938 CET53518571.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.378300905 CET53622051.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.383074045 CET53504781.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.386059999 CET53585851.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387353897 CET53493681.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387684107 CET53520621.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387912035 CET53497471.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.661473989 CET53560321.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.825907946 CET53520851.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.604171038 CET5925453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.604438066 CET5755153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742464066 CET53592541.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742497921 CET53575511.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.085091114 CET5943553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.085402966 CET5229153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.221991062 CET53594351.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.222153902 CET53522911.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.429711103 CET6125753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.429850101 CET4972553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.430238008 CET5011453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.430444002 CET5208153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.567220926 CET53501141.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.567717075 CET53520811.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.569302082 CET53497251.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.569484949 CET53612571.1.1.1192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:18.858228922 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:19.200534105 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:19.801775932 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:19.943686962 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:19.943839073 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:19.943875074 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:19.943912029 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.037496090 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.038089037 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.048712015 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.116250992 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.352242947 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.352315903 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.352348089 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.352376938 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.352854013 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.352957964 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.362571955 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.666888952 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:20.707792044 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:26.852152109 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:26.852384090 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:27.167082071 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:27.167817116 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:27.167977095 CET44358678162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:27.168612957 CET58678443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.080956936 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:09.401520014 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.014453888 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.166383982 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.166466951 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.166503906 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.166578054 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.170718908 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.172128916 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.173336029 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.328860998 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.485737085 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.485780954 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.485794067 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.485800028 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.486531019 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.919290066 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:10.919394970 CET60539443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:11.233731985 CET44360539172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:11.264698029 CET60539443192.168.2.4172.64.41.3

                                                                                                                                                                                                                                                                                      DNS Queries

                                                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.625577927 CET192.168.2.41.1.1.10xaffdStandard query (0)anticheat.acA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.236345053 CET192.168.2.41.1.1.10x97b1Standard query (0)cdn.tailwindcss.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.236345053 CET192.168.2.41.1.1.10x47c9Standard query (0)cdn.tailwindcss.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.237757921 CET192.168.2.41.1.1.10xae36Standard query (0)unpkg.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.237757921 CET192.168.2.41.1.1.10x49bdStandard query (0)unpkg.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.238487005 CET192.168.2.41.1.1.10xd6f6Standard query (0)cdn.jsdelivr.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.239067078 CET192.168.2.41.1.1.10x816fStandard query (0)cdn.jsdelivr.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.239362955 CET192.168.2.41.1.1.10x9e26Standard query (0)pro.fontawesome.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.240084887 CET192.168.2.41.1.1.10x1691Standard query (0)pro.fontawesome.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.240084887 CET192.168.2.41.1.1.10xe779Standard query (0)threejs.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.240441084 CET192.168.2.41.1.1.10xb80Standard query (0)threejs.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.604171038 CET192.168.2.41.1.1.10x2eedStandard query (0)cdn.jsdelivr.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.604438066 CET192.168.2.41.1.1.10x82f4Standard query (0)cdn.jsdelivr.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.085091114 CET192.168.2.41.1.1.10xc54cStandard query (0)threejs.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.085402966 CET192.168.2.41.1.1.10x7a1fStandard query (0)threejs.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.429711103 CET192.168.2.41.1.1.10xcbe7Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.429850101 CET192.168.2.41.1.1.10x80a9Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.430238008 CET192.168.2.41.1.1.10x1426Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.430444002 CET192.168.2.41.1.1.10x2465Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                                                                                                                                                                                      DNS Answers

                                                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.969466925 CET1.1.1.1192.168.2.40xaffdNo error (0)anticheat.ac104.21.13.90A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:02.969466925 CET1.1.1.1192.168.2.40xaffdNo error (0)anticheat.ac172.67.155.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.375467062 CET1.1.1.1192.168.2.40xae36No error (0)unpkg.com104.17.248.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.375467062 CET1.1.1.1192.168.2.40xae36No error (0)unpkg.com104.17.246.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.375467062 CET1.1.1.1192.168.2.40xae36No error (0)unpkg.com104.17.245.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.375467062 CET1.1.1.1192.168.2.40xae36No error (0)unpkg.com104.17.249.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.375467062 CET1.1.1.1192.168.2.40xae36No error (0)unpkg.com104.17.247.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.376112938 CET1.1.1.1192.168.2.40x49bdNo error (0)unpkg.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.381465912 CET1.1.1.1192.168.2.40x9e26No error (0)pro.fontawesome.compro.fontawesome.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.383074045 CET1.1.1.1192.168.2.40x1691No error (0)pro.fontawesome.compro.fontawesome.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.386059999 CET1.1.1.1192.168.2.40xd6f6No error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.386059999 CET1.1.1.1192.168.2.40xd6f6No error (0)jsdelivr.map.fastly.net151.101.65.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.386059999 CET1.1.1.1192.168.2.40xd6f6No error (0)jsdelivr.map.fastly.net151.101.129.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.386059999 CET1.1.1.1192.168.2.40xd6f6No error (0)jsdelivr.map.fastly.net151.101.1.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.386059999 CET1.1.1.1192.168.2.40xd6f6No error (0)jsdelivr.map.fastly.net151.101.193.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387353897 CET1.1.1.1192.168.2.40x97b1No error (0)cdn.tailwindcss.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387684107 CET1.1.1.1192.168.2.40x47c9No error (0)cdn.tailwindcss.com172.67.41.16A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387684107 CET1.1.1.1192.168.2.40x47c9No error (0)cdn.tailwindcss.com104.22.21.144A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387684107 CET1.1.1.1192.168.2.40x47c9No error (0)cdn.tailwindcss.com104.22.20.144A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.387912035 CET1.1.1.1192.168.2.40x816fNo error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.825907946 CET1.1.1.1192.168.2.40xe779No error (0)threejs.org185.199.108.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.825907946 CET1.1.1.1192.168.2.40xe779No error (0)threejs.org185.199.109.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.825907946 CET1.1.1.1192.168.2.40xe779No error (0)threejs.org185.199.110.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.825907946 CET1.1.1.1192.168.2.40xe779No error (0)threejs.org185.199.111.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742464066 CET1.1.1.1192.168.2.40x2eedNo error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742464066 CET1.1.1.1192.168.2.40x2eedNo error (0)jsdelivr.map.fastly.net151.101.129.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742464066 CET1.1.1.1192.168.2.40x2eedNo error (0)jsdelivr.map.fastly.net151.101.193.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742464066 CET1.1.1.1192.168.2.40x2eedNo error (0)jsdelivr.map.fastly.net151.101.1.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742464066 CET1.1.1.1192.168.2.40x2eedNo error (0)jsdelivr.map.fastly.net151.101.65.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.742497921 CET1.1.1.1192.168.2.40x82f4No error (0)cdn.jsdelivr.netjsdelivr.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.221991062 CET1.1.1.1192.168.2.40xc54cNo error (0)threejs.org185.199.111.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.221991062 CET1.1.1.1192.168.2.40xc54cNo error (0)threejs.org185.199.109.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.221991062 CET1.1.1.1192.168.2.40xc54cNo error (0)threejs.org185.199.110.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.221991062 CET1.1.1.1192.168.2.40xc54cNo error (0)threejs.org185.199.108.153A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.567220926 CET1.1.1.1192.168.2.40x1426No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.567220926 CET1.1.1.1192.168.2.40x1426No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.567717075 CET1.1.1.1192.168.2.40x2465No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.569302082 CET1.1.1.1192.168.2.40x80a9No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.569484949 CET1.1.1.1192.168.2.40xcbe7No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.569484949 CET1.1.1.1192.168.2.40xcbe7No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                      HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                      • anticheat.ac
                                                                                                                                                                                                                                                                                      • unpkg.com
                                                                                                                                                                                                                                                                                      • cdn.tailwindcss.com
                                                                                                                                                                                                                                                                                      • cdn.jsdelivr.net
                                                                                                                                                                                                                                                                                      • threejs.org
                                                                                                                                                                                                                                                                                      • chrome.cloudflare-dns.com

                                                                                                                                                                                                                                                                                      HTTP Packets

                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      0192.168.2.449733104.21.13.90806592C:\Users\user\Desktop\Ocean-T2I4I8O9.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:04.896004915 CET117OUTGET /api/customgui/T2I4I8O9.exe/ HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: anticheat.ac
                                                                                                                                                                                                                                                                                      User-Agent: MAQUINADEARMADO
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:05.981288910 CET1063INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:05 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Content-Length: 167
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Cache-Control: max-age=3600
                                                                                                                                                                                                                                                                                      Expires: Fri, 20 Dec 2024 12:05:05 GMT
                                                                                                                                                                                                                                                                                      Location: https://anticheat.ac/api/customgui/T2I4I8O9.exe/
                                                                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxdjTVdvb4yVebJRMTDSIFIMAKj5hNpOMeDPYt1W2FipWWH2T3NPH3R9Hl6289qbldfUaF5lOdHPe4hw34pwEqxAIy0lPc0e9hAfvQfd%2FxMrUlDo%2F9YqVhMo%2BUnOj08%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27c35e86f78f-EWR
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                      server-timing: cfL4;desc="?proto=TCP&rtt=1597&min_rtt=1597&rtt_var=798&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=117&delivery_rate=0&cwnd=135&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                                                                                                                                                                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:36.051964998 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:06.247121096 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      1192.168.2.449747151.101.65.229807196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.515491962 CET334OUTGET /particles.js/2.0.0/particles.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: cdn.jsdelivr.net
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:13.600841045 CET363INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Server: Varnish
                                                                                                                                                                                                                                                                                      Retry-After: 0
                                                                                                                                                                                                                                                                                      Location: https://cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      X-Served-By: cache-ewr-kewr1740025-EWR
                                                                                                                                                                                                                                                                                      X-Cache: HIT
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      2192.168.2.449750185.199.108.153807196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:12.955594063 CET323OUTGET /examples/js/libs/stats.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: threejs.org
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:14.077866077 CET685INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Content-Length: 162
                                                                                                                                                                                                                                                                                      Server: GitHub.com
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Location: https://threejs.org/examples/js/libs/stats.min.js
                                                                                                                                                                                                                                                                                      X-GitHub-Request-Id: 88E4:310C7A:787BBB:846894:67654F69
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Age: 0
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      Via: 1.1 varnish
                                                                                                                                                                                                                                                                                      X-Served-By: cache-nyc-kteb1890050-NYC
                                                                                                                                                                                                                                                                                      X-Cache: MISS
                                                                                                                                                                                                                                                                                      X-Cache-Hits: 0
                                                                                                                                                                                                                                                                                      X-Timer: S1734692714.887793,VS0,VE38
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      X-Fastly-Request-ID: bb9c6bc43da0f1e8afc020b91ca8a33d64cda578
                                                                                                                                                                                                                                                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:59.152931929 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:44.445030928 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:29.653379917 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:14.803123951 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:59.988939047 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      3192.168.2.449749151.101.65.229807196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:05:57.791995049 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:06:43.095719099 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:07:28.300813913 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:13.423367977 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Dec 20, 2024 12:08:58.687774897 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      0192.168.2.449732104.21.13.904436592C:\Users\user\Desktop\Ocean-T2I4I8O9.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:04 UTC116OUTGET /api/customgui/T2I4I8O9.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: anticheat.ac
                                                                                                                                                                                                                                                                                      User-Agent: MAQUINADEARMADO
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:04 UTC1129INHTTP/1.1 308 Permanent Redirect
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:04 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      location: http://anticheat.ac/api/customgui/T2I4I8O9.exe/
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      vary: Accept-Encoding, Cookie
                                                                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      x-frame-options: DENY
                                                                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block
                                                                                                                                                                                                                                                                                      referrer-policy: no-referrer-when-downgrade
                                                                                                                                                                                                                                                                                      CF-Cache-Status: BYPASS
                                                                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZEBdhY3hQAuXQjgYF4bqgdSew%2F94W%2Farnn%2BNC9DVHd0nGmHjL58kB272WTgqdMCWDfsdWm811HdYFi2BjC9Rc8DkCLq4frERTnnnH0g%2FSqf38FYODr5jhvDKgt1yjA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27bafc58c324-EWR
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                      server-timing: cfL4;desc="?proto=TCP&rtt=1523&min_rtt=1521&rtt_var=575&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2829&recv_bytes=731&delivery_rate=1894873&cwnd=162&unsent_bytes=0&cid=c34b279590240173&ts=532&x=0"
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:04 UTC240INData Raw: 31 31 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 73 68 6f 75 6c 64 20 62 65 20 72 65 64 69 72 65 63 74 65 64 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 74 6f 20 74 68 65 20 74 61 72 67 65 74 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6e 74 69 63 68 65 61 74 2e 61 63 2f 61 70 69 2f 63 75 73 74 6f 6d 67 75 69 2f 54 32 49 34 49 38 4f 39 2e 65 78 65 2f 22 3e 68 74 74 70 3a 2f 2f 61 6e 74 69 63 68 65 61 74 2e 61 63 2f 61 70 69 2f 63 75 73 74 6f 6d
                                                                                                                                                                                                                                                                                      Data Ascii: 11a<!doctype html><html lang=en><title>Redirecting...</title><h1>Redirecting...</h1><p>You should be redirected automatically to the target URL: <a href="https://anticheat.ac/api/customgui/T2I4I8O9.exe/">http://anticheat.ac/api/custom
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:04 UTC49INData Raw: 67 75 69 2f 54 32 49 34 49 38 4f 39 2e 65 78 65 2f 3c 2f 61 3e 2e 20 49 66 20 6e 6f 74 2c 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 2e 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: gui/T2I4I8O9.exe/</a>. If not, click the link.
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:04 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      1192.168.2.449734104.21.13.904436592C:\Users\user\Desktop\Ocean-T2I4I8O9.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:07 UTC175OUTGET /api/customgui/T2I4I8O9.exe/ HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: anticheat.ac
                                                                                                                                                                                                                                                                                      User-Agent: MAQUINADEARMADO
                                                                                                                                                                                                                                                                                      Referer: http://anticheat.ac/api/customgui/T2I4I8O9.exe/
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:07 UTC910INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:07 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                                                                      Content-Length: 26
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      vary: Accept-Encoding, Cookie
                                                                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjLkQaihFZ7nujCdjmJil8uqLb76TP0MsBJsOnoRDLZWGdce0NX5%2BeJ6enHdRTg5P3GvoeY9BIGyuiYRF%2B%2Bg3Jgi9CwyX5CyNvF98V0XkQGTYlABheMIm08UtrCsqWE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27cdc8817295-EWR
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                      server-timing: cfL4;desc="?proto=TCP&rtt=1983&min_rtt=1975&rtt_var=758&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2829&recv_bytes=790&delivery_rate=1428571&cwnd=206&unsent_bytes=0&cid=e10943f663cbbb2c&ts=539&x=0"
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:07 UTC26INData Raw: 7b 22 65 72 72 6f 72 22 3a 22 47 55 49 20 6e 6f 74 20 66 6f 75 6e 64 22 7d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: {"error":"GUI not found"}


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      2192.168.2.449740104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:13 UTC575OUTGET /aos@2.3.1/dist/aos.css HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: text/css,*/*;q=0.1
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: style
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC562INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      last-modified: Thu, 17 May 2018 22:11:13 GMT
                                                                                                                                                                                                                                                                                      etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JDXWBN4JBGCWEJCHPB1TRKSG-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 1744331
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27f5bdbb8c41-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC807INData Raw: 36 35 63 35 0d 0a 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 35 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 35 30 6d 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 35 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 35 30 22 5d
                                                                                                                                                                                                                                                                                      Data Ascii: 65c5[data-aos][data-aos][data-aos-duration="50"],body[data-aos-duration="50"] [data-aos]{transition-duration:50ms}[data-aos][data-aos][data-aos-delay="50"],body[data-aos-delay="50"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="50"]
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 2e 31 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 32 30 30 22 5d 2c 62
                                                                                                                                                                                                                                                                                      Data Ascii: ][data-aos-delay="150"],body[data-aos-delay="150"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="150"].aos-animate,body[data-aos-delay="150"] [data-aos].aos-animate{transition-delay:.15s}[data-aos][data-aos][data-aos-duration="200"],b
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 22 33 35 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 33 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 33 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 33 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 2e 33 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 34 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61
                                                                                                                                                                                                                                                                                      Data Ascii: "350"],body[data-aos-delay="350"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="350"].aos-animate,body[data-aos-delay="350"] [data-aos].aos-animate{transition-delay:.35s}[data-aos][data-aos][data-aos-duration="400"],body[data-aos-dura
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 61 6f 73 2d 64 65 6c 61 79 3d 22 35 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 35 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 35 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 2e 35 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 36 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 36 30 30 22 5d 20 5b 64 61 74 61
                                                                                                                                                                                                                                                                                      Data Ascii: aos-delay="550"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="550"].aos-animate,body[data-aos-delay="550"] [data-aos].aos-animate{transition-delay:.55s}[data-aos][data-aos][data-aos-duration="600"],body[data-aos-duration="600"] [data
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 37 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 37 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 2e 37 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 38 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 38 30 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d
                                                                                                                                                                                                                                                                                      Data Ascii: [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="750"].aos-animate,body[data-aos-delay="750"] [data-aos].aos-animate{transition-delay:.75s}[data-aos][data-aos][data-aos-duration="800"],body[data-aos-duration="800"] [data-aos]{transition-
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 39 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 39 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 2e 39 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 30 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 30 30 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 31 73 7d 5b 64 61
                                                                                                                                                                                                                                                                                      Data Ascii: tion-delay:0}[data-aos][data-aos][data-aos-delay="950"].aos-animate,body[data-aos-delay="950"] [data-aos].aos-animate{transition-delay:.95s}[data-aos][data-aos][data-aos-duration="1000"],body[data-aos-duration="1000"] [data-aos]{transition-duration:1s}[da
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 31 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 31 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 31 2e 31 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 32 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 32 30 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61
                                                                                                                                                                                                                                                                                      Data Ascii: ]{transition-delay:0}[data-aos][data-aos][data-aos-delay="1150"].aos-animate,body[data-aos-delay="1150"] [data-aos].aos-animate{transition-delay:1.15s}[data-aos][data-aos][data-aos-duration="1200"],body[data-aos-duration="1200"] [data-aos]{transition-dura
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 33 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 33 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 33 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 31 2e 33 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 34 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 34 30 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b
                                                                                                                                                                                                                                                                                      Data Ascii: 350"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="1350"].aos-animate,body[data-aos-delay="1350"] [data-aos].aos-animate{transition-delay:1.35s}[data-aos][data-aos][data-aos-duration="1400"],body[data-aos-duration="1400"] [data-aos]{
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 35 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 31 2e 35 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 36 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 36 30
                                                                                                                                                                                                                                                                                      Data Ascii: ta-aos-delay="1550"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="1550"].aos-animate,body[data-aos-delay="1550"] [data-aos].aos-animate{transition-delay:1.55s}[data-aos][data-aos][data-aos-duration="1600"],body[data-aos-duration="160
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 22 31 37 35 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 37 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 30 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 37 35 30 22 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f 73 2d 64 65 6c 61 79 3d 22 31 37 35 30 22 5d 20 5b 64 61 74 61 2d 61 6f 73 5d 2e 61 6f 73 2d 61 6e 69 6d 61 74 65 7b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 65 6c 61 79 3a 31 2e 37 35 73 7d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 5d 5b 64 61 74 61 2d 61 6f 73 2d 64 75 72 61 74 69 6f 6e 3d 22 31 38 30 30 22 5d 2c 62 6f 64 79 5b 64 61 74 61 2d 61 6f
                                                                                                                                                                                                                                                                                      Data Ascii: "1750"],body[data-aos-delay="1750"] [data-aos]{transition-delay:0}[data-aos][data-aos][data-aos-delay="1750"].aos-animate,body[data-aos-delay="1750"] [data-aos].aos-animate{transition-delay:1.75s}[data-aos][data-aos][data-aos-duration="1800"],body[data-ao


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      3192.168.2.449742104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:13 UTC560OUTGET /aos@2.3.1/dist/aos.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC576INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      last-modified: Thu, 17 May 2018 22:11:13 GMT
                                                                                                                                                                                                                                                                                      etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JDVSC3E1TKMRCHV6F0Y2JDS9-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 1814570
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27f5ba124356-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC793INData Raw: 33 37 39 66 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 5d 2c 74 29 3a 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3f 65 78 70 6f 72 74 73 2e 41 4f 53 3d 74 28 29 3a 65 2e 41 4f 53 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 6f 29 7b 69 66 28 6e 5b 6f 5d 29 72 65 74 75 72
                                                                                                                                                                                                                                                                                      Data Ascii: 379f!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.AOS=t():e.AOS=t()}(this,function(){return function(e){function t(o){if(n[o])retur
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 78 3d 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 26 26 21 77 69 6e 64 6f 77 2e 61 74 6f 62 2c 6a 3d 7b 6f 66 66 73 65 74 3a 31 32 30 2c 64 65 6c 61 79 3a 30 2c 65 61 73 69 6e 67 3a 22 65 61 73 65 22 2c 64 75 72 61 74 69 6f 6e 3a 34 30 30 2c 64 69 73 61 62 6c 65 3a 21 31 2c 6f 6e 63 65 3a 21 31 2c 73 74 61 72 74 45 76 65 6e 74 3a 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 74 68 72 6f 74 74 6c 65 44 65 6c 61 79 3a 39 39 2c 64 65 62 6f 75 6e 63 65 44 65 6c 61 79 3a 35 30 2c 64 69 73 61 62 6c 65 4d 75 74 61 74 69 6f 6e 4f 62 73 65 72 76 65 72 3a 21 31 7d 2c 4f 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 30 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 26 26 61 72 67 75
                                                                                                                                                                                                                                                                                      Data Ascii: x=document.all&&!window.atob,j={offset:120,delay:0,easing:"ease",duration:400,disable:!1,once:!1,startEvent:"DOMContentLoaded",throttleDelay:99,debounceDelay:50,disableMutationObserver:!1},O=function(){var e=arguments.length>0&&void 0!==arguments[0]&&argu
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 2c 28 30 2c 66 2e 64 65 66 61 75 6c 74 29 28 4f 2c 6a 2e 64 65 62 6f 75 6e 63 65 44 65 6c 61 79 2c 21 30 29 29 2c 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 63 72 6f 6c 6c 22 2c 28 30 2c 75 2e 64 65 66 61 75 6c 74 29 28 66 75 6e 63 74 69 6f 6e 28 29 7b 28 30 2c 62 2e 64 65 66 61 75 6c 74 29 28 77 2c 6a 2e 6f 6e 63 65 29 7d 2c 6a 2e 74 68 72 6f 74 74 6c 65 44 65 6c 61 79 29 29 2c 6a 2e 64 69 73 61 62 6c 65 4d 75 74 61 74 69 6f 6e 4f 62 73 65 72 76 65 72 7c 7c 28 30 2c 64 2e 64 65 66 61 75 6c 74 29 28 22 5b 64 61 74 61 2d 61 6f 73 5d 22 2c 5f 29 2c 77 29 7d 3b 65 2e 65 78 70 6f 72 74 73 3d 7b 69 6e 69 74 3a 41 2c 72 65 66 72 65 73 68 3a 4f 2c 72 65 66 72 65 73 68 48 61 72 64 3a 5f 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c
                                                                                                                                                                                                                                                                                      Data Ascii: ,(0,f.default)(O,j.debounceDelay,!0)),window.addEventListener("scroll",(0,u.default)(function(){(0,b.default)(w,j.once)},j.throttleDelay)),j.disableMutationObserver||(0,d.default)("[data-aos]",_),w)};e.exports={init:A,refresh:O,refreshHard:_}},function(e,
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 28 65 29 7b 76 61 72 20 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 65 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 63 28 65 29 3b 72 65 74 75 72 6e 21 21 65 26 26 28 22 6f 62 6a 65 63 74 22 3d 3d 74 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 29 7d 66 75 6e 63 74 69 6f 6e 20 72 28 65 29 7b 72 65 74 75 72 6e 21 21 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 65 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 63 28 65 29 29 7d 66 75 6e 63 74 69 6f 6e 20 61 28 65 29 7b 72 65 74 75 72 6e 22 73 79 6d 62 6f 6c 22 3d 3d 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 65 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 63 28 65 29 29 7c 7c 72 28 65 29 26 26 6b 2e 63 61 6c 6c 28 65 29 3d 3d 64
                                                                                                                                                                                                                                                                                      Data Ascii: (e){var t="undefined"==typeof e?"undefined":c(e);return!!e&&("object"==t||"function"==t)}function r(e){return!!e&&"object"==("undefined"==typeof e?"undefined":c(e))}function a(e){return"symbol"==("undefined"==typeof e?"undefined":c(e))||r(e)&&k.call(e)==d
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 3a 67 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 29 7b 76 61 72 20 6e 3d 65 2d 77 2c 6f 3d 65 2d 4f 2c 69 3d 74 2d 6e 3b 72 65 74 75 72 6e 20 53 3f 78 28 69 2c 79 2d 6f 29 3a 69 7d 66 75 6e 63 74 69 6f 6e 20 66 28 65 29 7b 76 61 72 20 6e 3d 65 2d 77 2c 6f 3d 65 2d 4f 3b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 77 7c 7c 6e 3e 3d 74 7c 7c 6e 3c 30 7c 7c 53 26 26 6f 3e 3d 79 7d 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 76 61 72 20 65 3d 6a 28 29 3b 72 65 74 75 72 6e 20 66 28 65 29 3f 64 28 65 29 3a 76 6f 69 64 28 68 3d 73 65 74 54 69 6d 65 6f 75 74 28 73 2c 75 28 65 29 29 29 7d 66 75 6e 63 74 69 6f 6e 20 64 28 65 29 7b 72 65 74 75 72 6e 20 68 3d 76 6f 69 64 20 30 2c 7a 26 26 62 3f 69 28 65 29 3a 28 62 3d 76 3d 76 6f 69 64 20 30 2c 67 29 7d 66 75 6e 63 74 69
                                                                                                                                                                                                                                                                                      Data Ascii: :g}function u(e){var n=e-w,o=e-O,i=t-n;return S?x(i,y-o):i}function f(e){var n=e-w,o=e-O;return void 0===w||n>=t||n<0||S&&o>=y}function s(){var e=j();return f(e)?d(e):void(h=setTimeout(s,u(e)))}function d(e){return h=void 0,z&&b?i(e):(b=v=void 0,g)}functi
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 72 6e 20 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 26 26 65 21 3d 3d 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 2c 63 3d 22 45 78 70 65 63 74 65 64 20 61 20 66 75 6e 63 74 69 6f 6e 22 2c 66 3d 4e 61 4e 2c 73 3d 22 5b 6f 62 6a 65 63 74 20 53 79 6d 62 6f 6c 5d 22 2c 64 3d 2f 5e 5c 73 2b 7c 5c 73 2b 24 2f 67 2c 6c 3d 2f 5e 5b 2d 2b 5d 30 78 5b 30 2d 39 61 2d 66 5d 2b 24 2f 69 2c 70 3d 2f 5e 30 62 5b 30 31 5d 2b 24 2f 69 2c 6d 3d 2f 5e 30 6f 5b 30 2d 37 5d 2b 24 2f 69 2c 62 3d 70 61 72 73 65 49 6e 74 2c 76 3d 22 6f 62 6a 65 63 74 22 3d 3d 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79
                                                                                                                                                                                                                                                                                      Data Ascii: rn e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},c="Expected a function",f=NaN,s="[object Symbol]",d=/^\s+|\s+$/g,l=/^[-+]0x[0-9a-f]+$/i,p=/^0b[01]+$/i,m=/^0o[0-7]+$/i,b=parseInt,v="object"==("undefined"==ty
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 3b 6e 3c 74 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 6f 3d 74 5b 6e 5d 3b 6f 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 6f 2e 65 6e 75 6d 65 72 61 62 6c 65 7c 7c 21 31 2c 6f 2e 63 6f 6e 66 69 67 75 72 61 62 6c 65 3d 21 30 2c 22 76 61 6c 75 65 22 69 6e 20 6f 26 26 28 6f 2e 77 72 69 74 61 62 6c 65 3d 21 30 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 6f 2e 6b 65 79 2c 6f 29 7d 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6e 26 26 65 28 74 2e 70 72 6f 74 6f 74 79 70 65 2c 6e 29 2c 6f 26 26 65 28 74 2c 6f 29 2c 74 7d 7d 28 29 2c 72 3d 2f 28 61 6e 64 72 6f 69 64
                                                                                                                                                                                                                                                                                      Data Ascii: =function(){function e(e,t){for(var n=0;n<t.length;n++){var o=t[n];o.enumerable=o.enumerable||!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}}return function(t,n,o){return n&&e(t.prototype,n),o&&e(t,o),t}}(),r=/(android
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 73 29 7c 6d 6d 65 66 7c 6d 6f 28 30 31 7c 30 32 7c 62 69 7c 64 65 7c 64 6f 7c 74 28 5c 2d 7c 20 7c 6f 7c 76 29 7c 7a 7a 29 7c 6d 74 28 35 30 7c 70 31 7c 76 20 29 7c 6d 77 62 70 7c 6d 79 77 61 7c 6e 31 30 5b 30 2d 32 5d 7c 6e 32 30 5b 32 2d 33 5d 7c 6e 33 30 28 30 7c 32 29 7c 6e 35 30 28 30 7c 32 7c 35 29 7c 6e 37 28 30 28 30 7c 31 29 7c 31 30 29 7c 6e 65 28 28 63 7c 6d 29 5c 2d 7c 6f 6e 7c 74 66 7c 77 66 7c 77 67 7c 77 74 29 7c 6e 6f 6b 28 36 7c 69 29 7c 6e 7a 70 68 7c 6f 32 69 6d 7c 6f 70 28 74 69 7c 77 76 29 7c 6f 72 61 6e 7c 6f 77 67 31 7c 70 38 30 30 7c 70 61 6e 28 61 7c 64 7c 74 29 7c 70 64 78 67 7c 70 67 28 31 33 7c 5c 2d 28 5b 31 2d 38 5d 7c 63 29 29 7c 70 68 69 6c 7c 70 69 72 65 7c 70 6c 28 61 79 7c 75 63 29 7c 70 6e 5c 2d 32 7c 70 6f 28 63 6b 7c
                                                                                                                                                                                                                                                                                      Data Ascii: s)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 63 35 35 5c 2f 7c 63 61 70 69 7c 63 63 77 61 7c 63 64 6d 5c 2d 7c 63 65 6c 6c 7c 63 68 74 6d 7c 63 6c 64 63 7c 63 6d 64 5c 2d 7c 63 6f 28 6d 70 7c 6e 64 29 7c 63 72 61 77 7c 64 61 28 69 74 7c 6c 6c 7c 6e 67 29 7c 64 62 74 65 7c 64 63 5c 2d 73 7c 64 65 76 69 7c 64 69 63 61 7c 64 6d 6f 62 7c 64 6f 28 63 7c 70 29 6f 7c 64 73 28 31 32 7c 5c 2d 64 29 7c 65 6c 28 34 39 7c 61 69 29 7c 65 6d 28 6c 32 7c 75 6c 29 7c 65 72 28 69 63 7c 6b 30 29 7c 65 73 6c 38 7c 65 7a 28 5b 34 2d 37 5d 30 7c 6f 73 7c 77 61 7c 7a 65 29 7c 66 65 74 63 7c 66 6c 79 28 5c 2d 7c 5f 29 7c 67 31 20 75 7c 67 35 36 30 7c 67 65 6e 65 7c 67 66 5c 2d 35 7c 67 5c 2d 6d 6f 7c 67 6f 28 5c 2e 77 7c 6f 64 29 7c 67 72 28 61 64 7c 75 6e 29 7c 68 61 69 65 7c 68 63 69 74 7c 68 64 5c 2d 28 6d 7c 70 7c 74
                                                                                                                                                                                                                                                                                      Data Ascii: c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC1369INData Raw: 73 5c 2d 7c 79 6f 75 72 7c 7a 65 74 6f 7c 7a 74 65 5c 2d 2f 69 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 6e 28 74 68 69 73 2c 65 29 7d 72 65 74 75 72 6e 20 69 28 65 2c 5b 7b 6b 65 79 3a 22 70 68 6f 6e 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 6f 28 29 3b 72 65 74 75 72 6e 21 28 21 72 2e 74 65 73 74 28 65 29 26 26 21 61 2e 74 65 73 74 28 65 2e 73 75 62 73 74 72 28 30 2c 34 29 29 29 7d 7d 2c 7b 6b 65 79 3a 22 6d 6f 62 69 6c 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 6f 28 29 3b 72 65 74 75 72 6e 21 28 21 75 2e 74 65 73 74 28 65 29 26 26 21 63 2e 74 65 73 74 28 65 2e 73 75 62 73 74 72 28 30 2c 34 29 29 29 7d 7d 2c 7b 6b 65 79 3a 22 74 61 62 6c 65 74
                                                                                                                                                                                                                                                                                      Data Ascii: s\-|your|zeto|zte\-/i,f=function(){function e(){n(this,e)}return i(e,[{key:"phone",value:function(){var e=o();return!(!r.test(e)&&!a.test(e.substr(0,4)))}},{key:"mobile",value:function(){var e=o();return!(!u.test(e)&&!c.test(e.substr(0,4)))}},{key:"tablet


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      4192.168.2.449743104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:13 UTC549OUTGET /tippy.js@6 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC522INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, s-maxage=600, max-age=60
                                                                                                                                                                                                                                                                                      location: /tippy.js@6.3.7
                                                                                                                                                                                                                                                                                      vary: Accept
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JFHVG3F1GG109D1S9A0ZM7VA-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 403
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27f5ba104340-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC43INData Raw: 32 35 0d 0a 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 74 69 70 70 79 2e 6a 73 40 36 2e 33 2e 37 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 25Found. Redirecting to /tippy.js@6.3.7
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      5192.168.2.449741104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:13 UTC555OUTGET /@popperjs/core@2 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC529INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, s-maxage=600, max-age=60
                                                                                                                                                                                                                                                                                      location: /@popperjs/core@2.11.8
                                                                                                                                                                                                                                                                                      vary: Accept
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JFHVS8Y93C0JM70Q9HGV36MY-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 102
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27f5df11efa7-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC50INData Raw: 32 63 0d 0a 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 40 70 6f 70 70 65 72 6a 73 2f 63 6f 72 65 40 32 2e 31 31 2e 38 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 2cFound. Redirecting to /@popperjs/core@2.11.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      6192.168.2.449746172.67.41.164437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:13 UTC549OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: cdn.tailwindcss.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC363INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:13 GMT
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: max-age=14400
                                                                                                                                                                                                                                                                                      location: /3.4.16
                                                                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000
                                                                                                                                                                                                                                                                                      x-vercel-cache: MISS
                                                                                                                                                                                                                                                                                      x-vercel-id: cle1::iad1::d9xxx-1734691656469-13d23859b81d
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 500
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f27f63d62f5fa-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      7192.168.2.449751151.101.129.2294437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:14 UTC415OUTGET /particles.js/2.0.0/particles.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: cdn.jsdelivr.net
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC723INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Content-Length: 23364
                                                                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                      Access-Control-Expose-Headers: *
                                                                                                                                                                                                                                                                                      Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable
                                                                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                      ETag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Age: 213386
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:15 GMT
                                                                                                                                                                                                                                                                                      X-Served-By: cache-fra-eddf8230124-FRA, cache-ewr-kewr1740026-EWR
                                                                                                                                                                                                                                                                                      X-Cache: HIT, HIT
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 2f 2a 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0a 2f 2a 20 41 75 74 68 6f 72 20 3a 20 56 69 6e 63 65 6e 74 20 47 61 72 72 65 61 75 20 20 2d 20 76 69 6e 63 65 6e 74 67 61 72 72 65 61 75 2e 63 6f 6d 0a 2f 2a 20 4d 49 54 20 6c 69 63 65 6e 73 65 3a 20 68 74 74 70 3a 2f 2f 6f 70 65 6e 73 6f 75 72 63 65 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 73 2f 4d 49 54 0a 2f 2a 20 44 65 6d 6f 20 2f 20 47 65 6e 65 72 61 74 6f 72 20 3a 20 76 69 6e 63 65 6e 74 67 61 72 72 65 61 75 2e 63 6f 6d 2f 70 61 72 74 69 63 6c 65 73 2e 6a 73 0a 2f 2a 20 47 69 74 48 75 62 20 3a 20 67 69 74 68 75 62 2e 63 6f 6d 2f 56 69 6e 63 65 6e 74 47 61 72 72 65 61 75 2f 70 61 72 74 69 63 6c 65 73 2e 6a
                                                                                                                                                                                                                                                                                      Data Ascii: /* -----------------------------------------------/* Author : Vincent Garreau - vincentgarreau.com/* MIT license: http://opensource.org/licenses/MIT/* Demo / Generator : vincentgarreau.com/particles.js/* GitHub : github.com/VincentGarreau/particles.j
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 74 61 74 65 58 3a 33 65 33 2c 72 6f 74 61 74 65 59 3a 33 65 33 7d 7d 2c 61 72 72 61 79 3a 5b 5d 7d 2c 69 6e 74 65 72 61 63 74 69 76 69 74 79 3a 7b 64 65 74 65 63 74 5f 6f 6e 3a 22 63 61 6e 76 61 73 22 2c 65 76 65 6e 74 73 3a 7b 6f 6e 68 6f 76 65 72 3a 7b 65 6e 61 62 6c 65 3a 21 30 2c 6d 6f 64 65 3a 22 67 72 61 62 22 7d 2c 6f 6e 63 6c 69 63 6b 3a 7b 65 6e 61 62 6c 65 3a 21 30 2c 6d 6f 64 65 3a 22 70 75 73 68 22 7d 2c 72 65 73 69 7a 65 3a 21 30 7d 2c 6d 6f 64 65 73 3a 7b 67 72 61 62 3a 7b 64 69 73 74 61 6e 63 65 3a 31 30 30 2c 6c 69 6e 65 5f 6c 69 6e 6b 65 64 3a 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 2c 62 75 62 62 6c 65 3a 7b 64 69 73 74 61 6e 63 65 3a 32 30 30 2c 73 69 7a 65 3a 38 30 2c 64 75 72 61 74 69 6f 6e 3a 2e 34 7d 2c 72 65 70 75 6c 73 65 3a 7b 64 69
                                                                                                                                                                                                                                                                                      Data Ascii: tateX:3e3,rotateY:3e3}},array:[]},interactivity:{detect_on:"canvas",events:{onhover:{enable:!0,mode:"grab"},onclick:{enable:!0,mode:"push"},resize:!0},modes:{grab:{distance:100,line_linked:{opacity:1}},bubble:{distance:200,size:80,duration:.4},repulse:{di
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 2e 64 69 73 74 61 6e 63 65 3d 69 2e 74 6d 70 2e 6f 62 6a 2e 6c 69 6e 65 5f 6c 69 6e 6b 65 64 5f 64 69 73 74 61 6e 63 65 2a 69 2e 63 61 6e 76 61 73 2e 70 78 72 61 74 69 6f 2c 69 2e 69 6e 74 65 72 61 63 74 69 76 69 74 79 2e 6d 6f 64 65 73 2e 67 72 61 62 2e 64 69 73 74 61 6e 63 65 3d 69 2e 74 6d 70 2e 6f 62 6a 2e 6d 6f 64 65 5f 67 72 61 62 5f 64 69 73 74 61 6e 63 65 2a 69 2e 63 61 6e 76 61 73 2e 70 78 72 61 74 69 6f 2c 69 2e 69 6e 74 65 72 61 63 74 69 76 69 74 79 2e 6d 6f 64 65 73 2e 62 75 62 62 6c 65 2e 64 69 73 74 61 6e 63 65 3d 69 2e 74 6d 70 2e 6f 62 6a 2e 6d 6f 64 65 5f 62 75 62 62 6c 65 5f 64 69 73 74 61 6e 63 65 2a 69 2e 63 61 6e 76 61 73 2e 70 78 72 61 74 69 6f 2c 69 2e 70 61 72 74 69 63 6c 65 73 2e 6c 69 6e 65 5f 6c 69 6e 6b 65 64 2e 77 69 64 74 68
                                                                                                                                                                                                                                                                                      Data Ascii: .distance=i.tmp.obj.line_linked_distance*i.canvas.pxratio,i.interactivity.modes.grab.distance=i.tmp.obj.mode_grab_distance*i.canvas.pxratio,i.interactivity.modes.bubble.distance=i.tmp.obj.mode_bubble_distance*i.canvas.pxratio,i.particles.line_linked.width
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 69 7a 65 5f 73 74 61 74 75 73 3d 21 31 2c 74 68 69 73 2e 76 73 3d 69 2e 70 61 72 74 69 63 6c 65 73 2e 73 69 7a 65 2e 61 6e 69 6d 2e 73 70 65 65 64 2f 31 30 30 2c 69 2e 70 61 72 74 69 63 6c 65 73 2e 73 69 7a 65 2e 61 6e 69 6d 2e 73 79 6e 63 7c 7c 28 74 68 69 73 2e 76 73 3d 74 68 69 73 2e 76 73 2a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 29 2c 74 68 69 73 2e 78 3d 74 3f 74 2e 78 3a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2a 69 2e 63 61 6e 76 61 73 2e 77 2c 74 68 69 73 2e 79 3d 74 3f 74 2e 79 3a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2a 69 2e 63 61 6e 76 61 73 2e 68 2c 74 68 69 73 2e 78 3e 69 2e 63 61 6e 76 61 73 2e 77 2d 32 2a 74 68 69 73 2e 72 61 64 69 75 73 3f 74 68 69 73 2e 78 3d 74 68 69 73 2e 78 2d 74 68 69 73 2e 72 61 64 69 75 73 3a 74 68 69 73 2e 78
                                                                                                                                                                                                                                                                                      Data Ascii: ize_status=!1,this.vs=i.particles.size.anim.speed/100,i.particles.size.anim.sync||(this.vs=this.vs*Math.random())),this.x=t?t.x:Math.random()*i.canvas.w,this.y=t?t.y:Math.random()*i.canvas.h,this.x>i.canvas.w-2*this.radius?this.x=this.x-this.radius:this.x
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 63 61 73 65 22 74 6f 70 22 3a 6e 3d 7b 78 3a 30 2c 79 3a 2d 31 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 74 6f 70 2d 72 69 67 68 74 22 3a 6e 3d 7b 78 3a 2e 35 2c 79 3a 2d 2e 35 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 72 69 67 68 74 22 3a 6e 3d 7b 78 3a 31 2c 79 3a 2d 30 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 62 6f 74 74 6f 6d 2d 72 69 67 68 74 22 3a 6e 3d 7b 78 3a 2e 35 2c 79 3a 2e 35 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 62 6f 74 74 6f 6d 22 3a 6e 3d 7b 78 3a 30 2c 79 3a 31 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 62 6f 74 74 6f 6d 2d 6c 65 66 74 22 3a 6e 3d 7b 78 3a 2d 2e 35 2c 79 3a 31 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 6c 65 66 74 22 3a 6e 3d 7b 78 3a 2d 31 2c 79 3a 30 7d 3b 62 72 65 61 6b 3b 63 61 73 65 22 74 6f 70 2d 6c 65 66 74 22 3a 6e 3d 7b 78 3a
                                                                                                                                                                                                                                                                                      Data Ascii: case"top":n={x:0,y:-1};break;case"top-right":n={x:.5,y:-.5};break;case"right":n={x:1,y:-0};break;case"bottom-right":n={x:.5,y:.5};break;case"bottom":n={x:0,y:1};break;case"bottom-left":n={x:-.5,y:1};break;case"left":n={x:-1,y:0};break;case"top-left":n={x:
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 77 69 74 63 68 28 69 2e 63 61 6e 76 61 73 2e 63 74 78 2e 66 69 6c 6c 53 74 79 6c 65 3d 6e 2c 69 2e 63 61 6e 76 61 73 2e 63 74 78 2e 62 65 67 69 6e 50 61 74 68 28 29 2c 61 2e 73 68 61 70 65 29 7b 63 61 73 65 22 63 69 72 63 6c 65 22 3a 69 2e 63 61 6e 76 61 73 2e 63 74 78 2e 61 72 63 28 61 2e 78 2c 61 2e 79 2c 74 2c 30 2c 32 2a 4d 61 74 68 2e 50 49 2c 21 31 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 65 64 67 65 22 3a 69 2e 63 61 6e 76 61 73 2e 63 74 78 2e 72 65 63 74 28 61 2e 78 2d 74 2c 61 2e 79 2d 74 2c 32 2a 74 2c 32 2a 74 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 74 72 69 61 6e 67 6c 65 22 3a 69 2e 66 6e 2e 76 65 6e 64 6f 72 73 2e 64 72 61 77 53 68 61 70 65 28 69 2e 63 61 6e 76 61 73 2e 63 74 78 2c 61 2e 78 2d 74 2c 61 2e 79 2b 74 2f 31 2e 36 36 2c 32 2a 74 2c
                                                                                                                                                                                                                                                                                      Data Ascii: witch(i.canvas.ctx.fillStyle=n,i.canvas.ctx.beginPath(),a.shape){case"circle":i.canvas.ctx.arc(a.x,a.y,t,0,2*Math.PI,!1);break;case"edge":i.canvas.ctx.rect(a.x-t,a.y-t,2*t,2*t);break;case"triangle":i.fn.vendors.drawShape(i.canvas.ctx,a.x-t,a.y+t/1.66,2*t,
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 2e 70 61 72 74 69 63 6c 65 73 2e 6f 70 61 63 69 74 79 2e 76 61 6c 75 65 26 26 28 61 2e 6f 70 61 63 69 74 79 5f 73 74 61 74 75 73 3d 21 31 29 2c 61 2e 6f 70 61 63 69 74 79 2b 3d 61 2e 76 6f 29 3a 28 61 2e 6f 70 61 63 69 74 79 3c 3d 69 2e 70 61 72 74 69 63 6c 65 73 2e 6f 70 61 63 69 74 79 2e 61 6e 69 6d 2e 6f 70 61 63 69 74 79 5f 6d 69 6e 26 26 28 61 2e 6f 70 61 63 69 74 79 5f 73 74 61 74 75 73 3d 21 30 29 2c 61 2e 6f 70 61 63 69 74 79 2d 3d 61 2e 76 6f 29 2c 61 2e 6f 70 61 63 69 74 79 3c 30 26 26 28 61 2e 6f 70 61 63 69 74 79 3d 30 29 29 2c 69 2e 70 61 72 74 69 63 6c 65 73 2e 73 69 7a 65 2e 61 6e 69 6d 2e 65 6e 61 62 6c 65 26 26 28 31 3d 3d 61 2e 73 69 7a 65 5f 73 74 61 74 75 73 3f 28 61 2e 72 61 64 69 75 73 3e 3d 69 2e 70 61 72 74 69 63 6c 65 73 2e 73 69
                                                                                                                                                                                                                                                                                      Data Ascii: .particles.opacity.value&&(a.opacity_status=!1),a.opacity+=a.vo):(a.opacity<=i.particles.opacity.anim.opacity_min&&(a.opacity_status=!0),a.opacity-=a.vo),a.opacity<0&&(a.opacity=0)),i.particles.size.anim.enable&&(1==a.size_status?(a.radius>=i.particles.si
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 2e 65 76 65 6e 74 73 2e 6f 6e 63 6c 69 63 6b 2e 6d 6f 64 65 29 29 26 26 69 2e 66 6e 2e 6d 6f 64 65 73 2e 72 65 70 75 6c 73 65 50 61 72 74 69 63 6c 65 28 61 29 2c 69 2e 70 61 72 74 69 63 6c 65 73 2e 6c 69 6e 65 5f 6c 69 6e 6b 65 64 2e 65 6e 61 62 6c 65 7c 7c 69 2e 70 61 72 74 69 63 6c 65 73 2e 6d 6f 76 65 2e 61 74 74 72 61 63 74 2e 65 6e 61 62 6c 65 29 66 6f 72 28 76 61 72 20 6e 3d 65 2b 31 3b 6e 3c 69 2e 70 61 72 74 69 63 6c 65 73 2e 61 72 72 61 79 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 7b 76 61 72 20 72 3d 69 2e 70 61 72 74 69 63 6c 65 73 2e 61 72 72 61 79 5b 6e 5d 3b 69 2e 70 61 72 74 69 63 6c 65 73 2e 6c 69 6e 65 5f 6c 69 6e 6b 65 64 2e 65 6e 61 62 6c 65 26 26 69 2e 66 6e 2e 69 6e 74 65 72 61 63 74 2e 6c 69 6e 6b 50 61 72 74 69 63 6c 65 73 28 61 2c 72 29
                                                                                                                                                                                                                                                                                      Data Ascii: .events.onclick.mode))&&i.fn.modes.repulseParticle(a),i.particles.line_linked.enable||i.particles.move.attract.enable)for(var n=e+1;n<i.particles.array.length;n++){var r=i.particles.array[n];i.particles.line_linked.enable&&i.fn.interact.linkParticles(a,r)
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 65 28 29 2c 69 2e 63 61 6e 76 61 73 2e 63 74 78 2e 63 6c 6f 73 65 50 61 74 68 28 29 7d 7d 7d 2c 69 2e 66 6e 2e 69 6e 74 65 72 61 63 74 2e 61 74 74 72 61 63 74 50 61 72 74 69 63 6c 65 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 61 29 7b 76 61 72 20 74 3d 65 2e 78 2d 61 2e 78 2c 73 3d 65 2e 79 2d 61 2e 79 2c 6e 3d 4d 61 74 68 2e 73 71 72 74 28 74 2a 74 2b 73 2a 73 29 3b 69 66 28 6e 3c 3d 69 2e 70 61 72 74 69 63 6c 65 73 2e 6c 69 6e 65 5f 6c 69 6e 6b 65 64 2e 64 69 73 74 61 6e 63 65 29 7b 76 61 72 20 72 3d 74 2f 28 31 65 33 2a 69 2e 70 61 72 74 69 63 6c 65 73 2e 6d 6f 76 65 2e 61 74 74 72 61 63 74 2e 72 6f 74 61 74 65 58 29 2c 63 3d 73 2f 28 31 65 33 2a 69 2e 70 61 72 74 69 63 6c 65 73 2e 6d 6f 76 65 2e 61 74 74 72 61 63 74 2e 72 6f 74 61 74 65 59 29 3b 65 2e 76
                                                                                                                                                                                                                                                                                      Data Ascii: e(),i.canvas.ctx.closePath()}}},i.fn.interact.attractParticles=function(e,a){var t=e.x-a.x,s=e.y-a.y,n=Math.sqrt(t*t+s*s);if(n<=i.particles.line_linked.distance){var r=t/(1e3*i.particles.move.attract.rotateX),c=s/(1e3*i.particles.move.attract.rotateY);e.v
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 26 28 65 2e 6f 70 61 63 69 74 79 5f 62 75 62 62 6c 65 3d 64 29 7d 7d 65 6c 73 65 22 73 69 7a 65 22 3d 3d 63 26 26 28 65 2e 72 61 64 69 75 73 5f 62 75 62 62 6c 65 3d 76 6f 69 64 20 30 29 2c 22 6f 70 61 63 69 74 79 22 3d 3d 63 26 26 28 65 2e 6f 70 61 63 69 74 79 5f 62 75 62 62 6c 65 3d 76 6f 69 64 20 30 29 7d 69 66 28 69 2e 69 6e 74 65 72 61 63 74 69 76 69 74 79 2e 65 76 65 6e 74 73 2e 6f 6e 68 6f 76 65 72 2e 65 6e 61 62 6c 65 26 26 69 73 49 6e 41 72 72 61 79 28 22 62 75 62 62 6c 65 22 2c 69 2e 69 6e 74 65 72 61 63 74 69 76 69 74 79 2e 65 76 65 6e 74 73 2e 6f 6e 68 6f 76 65 72 2e 6d 6f 64 65 29 29 7b 76 61 72 20 73 3d 65 2e 78 2d 69 2e 69 6e 74 65 72 61 63 74 69 76 69 74 79 2e 6d 6f 75 73 65 2e 70 6f 73 5f 78 2c 6e 3d 65 2e 79 2d 69 2e 69 6e 74 65 72 61 63
                                                                                                                                                                                                                                                                                      Data Ascii: &(e.opacity_bubble=d)}}else"size"==c&&(e.radius_bubble=void 0),"opacity"==c&&(e.opacity_bubble=void 0)}if(i.interactivity.events.onhover.enable&&isInArray("bubble",i.interactivity.events.onhover.mode)){var s=e.x-i.interactivity.mouse.pos_x,n=e.y-i.interac


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      8192.168.2.449752104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC553OUTGET /tippy.js@6.3.7 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC547INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      location: /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
                                                                                                                                                                                                                                                                                      vary: Accept
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JDNA6YW91YNHVVD080K5WHNV-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 2031796
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f280028d57ca5-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC72INData Raw: 34 32 0d 0a 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 74 69 70 70 79 2e 6a 73 40 36 2e 33 2e 37 2f 64 69 73 74 2f 74 69 70 70 79 2d 62 75 6e 64 6c 65 2e 75 6d 64 2e 6d 69 6e 2e 6a 73 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 42Found. Redirecting to /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      9192.168.2.449753104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC560OUTGET /@popperjs/core@2.11.8 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC548INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      location: /@popperjs/core@2.11.8/dist/umd/popper.min.js
                                                                                                                                                                                                                                                                                      vary: Accept
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JDY75ZF73MP5CPAMBKMQW4E2-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 1732984
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f28003a468cd4-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC73INData Raw: 34 33 0d 0a 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 40 70 6f 70 70 65 72 6a 73 2f 63 6f 72 65 40 32 2e 31 31 2e 38 2f 64 69 73 74 2f 75 6d 64 2f 70 6f 70 70 65 72 2e 6d 69 6e 2e 6a 73 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 43Found. Redirecting to /@popperjs/core@2.11.8/dist/umd/popper.min.js
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      10192.168.2.449754172.67.41.164437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC555OUTGET /3.4.16 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: cdn.tailwindcss.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC424INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/javascript
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: max-age=31536000
                                                                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000
                                                                                                                                                                                                                                                                                      x-vercel-cache: MISS
                                                                                                                                                                                                                                                                                      x-vercel-id: cle1::iad1::rv4dn-1733520637303-9c55b126e284
                                                                                                                                                                                                                                                                                      Last-Modified: Fri, 06 Dec 2024 21:30:37 GMT
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 122343
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f28008deade99-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC945INData Raw: 37 64 66 37 0d 0a 28 28 29 3d 3e 7b 76 61 72 20 71 76 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3b 76 61 72 20 48 69 3d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 3b 76 61 72 20 24 76 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 3b 76 61 72 20 4c 76 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 3b 76 61 72 20 4d 76 3d 4f 62 6a 65 63 74 2e 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 2c 4e 76 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 3b 76 61 72 20 64 66 3d 72 3d 3e 48 69 28 72 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 3b 76 61 72 20 68 66 3d 72 3d 3e 7b 69 66 28 74 79
                                                                                                                                                                                                                                                                                      Data Ascii: 7df7(()=>{var qv=Object.create;var Hi=Object.defineProperty;var $v=Object.getOwnPropertyDescriptor;var Lv=Object.getOwnPropertyNames;var Mv=Object.getPrototypeOf,Nv=Object.prototype.hasOwnProperty;var df=r=>Hi(r,"__esModule",{value:!0});var hf=r=>{if(ty
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 72 65 61 64 46 69 6c 65 53 79 6e 63 3a 72 3d 3e 73 65 6c 66 5b 72 5d 7c 7c 22 22 2c 73 74 61 74 53 79 6e 63 3a 28 29 3d 3e 28 7b 6d 74 69 6d 65 4d 73 3a 46 76 2b 2b 7d 29 2c 70 72 6f 6d 69 73 65 73 3a 7b 72 65 61 64 46 69 6c 65 3a 72 3d 3e 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 73 65 6c 66 5b 72 5d 7c 7c 22 22 29 7d 7d 7d 29 3b 76 61 72 20 46 73 3d 78 28 28 6f 50 2c 67 66 29 3d 3e 7b 75 28 29 3b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 6d 66 3d 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 3d 7b 7d 29 7b 69 66 28 21 28 65 2e 6d 61 78 53 69 7a 65 26 26 65 2e 6d 61 78 53 69 7a 65 3e 30 29 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 60 6d 61 78 53 69 7a 65 60 20 6d 75 73 74 20 62 65 20 61 20 6e 75 6d 62 65
                                                                                                                                                                                                                                                                                      Data Ascii: readFileSync:r=>self[r]||"",statSync:()=>({mtimeMs:Fv++}),promises:{readFile:r=>Promise.resolve(self[r]||"")}}});var Fs=x((oP,gf)=>{u();"use strict";var mf=class{constructor(e={}){if(!(e.maxSize&&e.maxSize>0))throw new TypeError("`maxSize` must be a numbe
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 6c 65 74 65 49 66 45 78 70 69 72 65 64 28 74 2c 69 29 3d 3d 3d 21 31 26 26 28 79 69 65 6c 64 20 65 29 7d 7d 67 65 74 28 65 29 7b 69 66 28 74 68 69 73 2e 63 61 63 68 65 2e 68 61 73 28 65 29 29 7b 6c 65 74 20 74 3d 74 68 69 73 2e 63 61 63 68 65 2e 67 65 74 28 65 29 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 56 61 6c 75 65 28 65 2c 74 29 7d 69 66 28 74 68 69 73 2e 6f 6c 64 43 61 63 68 65 2e 68 61 73 28 65 29 29 7b 6c 65 74 20 74 3d 74 68 69 73 2e 6f 6c 64 43 61 63 68 65 2e 67 65 74 28 65 29 3b 69 66 28 74 68 69 73 2e 5f 64 65 6c 65 74 65 49 66 45 78 70 69 72 65 64 28 65 2c 74 29 3d 3d 3d 21 31 29 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 6d 6f 76 65 54 6f 52 65 63 65 6e 74 28 65 2c 74 29 2c 74 2e 76 61 6c 75 65 7d 7d 73 65 74 28 65 2c 74 2c
                                                                                                                                                                                                                                                                                      Data Ascii: leteIfExpired(t,i)===!1&&(yield e)}}get(e){if(this.cache.has(e)){let t=this.cache.get(e);return this._getItemValue(e,t)}if(this.oldCache.has(e)){let t=this.oldCache.get(e);if(this._deleteIfExpired(e,t)===!1)return this._moveToRecent(e,t),t.value}}set(e,t,
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 74 68 69 73 2e 63 61 63 68 65 2e 68 61 73 28 74 29 7c 7c 74 68 69 73 2e 5f 64 65 6c 65 74 65 49 66 45 78 70 69 72 65 64 28 74 2c 69 29 3d 3d 3d 21 31 26 26 28 79 69 65 6c 64 5b 74 2c 69 2e 76 61 6c 75 65 5d 29 7d 7d 2a 65 6e 74 72 69 65 73 44 65 73 63 65 6e 64 69 6e 67 28 29 7b 6c 65 74 20 65 3d 5b 2e 2e 2e 74 68 69 73 2e 63 61 63 68 65 5d 3b 66 6f 72 28 6c 65 74 20 74 3d 65 2e 6c 65 6e 67 74 68 2d 31 3b 74 3e 3d 30 3b 2d 2d 74 29 7b 6c 65 74 20 69 3d 65 5b 74 5d 2c 5b 6e 2c 73 5d 3d 69 3b 74 68 69 73 2e 5f 64 65 6c 65 74 65 49 66 45 78 70 69 72 65 64 28 6e 2c 73 29 3d 3d 3d 21 31 26 26 28 79 69 65 6c 64 5b 6e 2c 73 2e 76 61 6c 75 65 5d 29 7d 65 3d 5b 2e 2e 2e 74 68 69 73 2e 6f 6c 64 43 61 63 68 65 5d 3b 66 6f 72 28 6c 65 74 20 74 3d 65 2e 6c 65 6e 67 74
                                                                                                                                                                                                                                                                                      Data Ascii: this.cache.has(t)||this._deleteIfExpired(t,i)===!1&&(yield[t,i.value])}}*entriesDescending(){let e=[...this.cache];for(let t=e.length-1;t>=0;--t){let i=e[t],[n,s]=i;this._deleteIfExpired(n,s)===!1&&(yield[n,s.value])}e=[...this.oldCache];for(let t=e.lengt
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 78 22 2c 22 66 6c 65 78 53 68 72 69 6e 6b 22 2c 22 66 6c 65 78 47 72 6f 77 22 2c 22 66 6c 65 78 42 61 73 69 73 22 2c 22 74 61 62 6c 65 4c 61 79 6f 75 74 22 2c 22 63 61 70 74 69 6f 6e 53 69 64 65 22 2c 22 62 6f 72 64 65 72 43 6f 6c 6c 61 70 73 65 22 2c 22 62 6f 72 64 65 72 53 70 61 63 69 6e 67 22 2c 22 74 72 61 6e 73 66 6f 72 6d 4f 72 69 67 69 6e 22 2c 22 74 72 61 6e 73 6c 61 74 65 22 2c 22 72 6f 74 61 74 65 22 2c 22 73 6b 65 77 22 2c 22 73 63 61 6c 65 22 2c 22 74 72 61 6e 73 66 6f 72 6d 22 2c 22 61 6e 69 6d 61 74 69 6f 6e 22 2c 22 63 75 72 73 6f 72 22 2c 22 74 6f 75 63 68 41 63 74 69 6f 6e 22 2c 22 75 73 65 72 53 65 6c 65 63 74 22 2c 22 72 65 73 69 7a 65 22 2c 22 73 63 72 6f 6c 6c 53 6e 61 70 54 79 70 65 22 2c 22 73 63 72 6f 6c 6c 53 6e 61 70 41 6c 69 67
                                                                                                                                                                                                                                                                                      Data Ascii: x","flexShrink","flexGrow","flexBasis","tableLayout","captionSide","borderCollapse","borderSpacing","transformOrigin","translate","rotate","skew","scale","transform","animation","cursor","touchAction","userSelect","resize","scrollSnapType","scrollSnapAlig
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 22 2c 22 74 65 78 74 4f 70 61 63 69 74 79 22 2c 22 74 65 78 74 44 65 63 6f 72 61 74 69 6f 6e 22 2c 22 74 65 78 74 44 65 63 6f 72 61 74 69 6f 6e 43 6f 6c 6f 72 22 2c 22 74 65 78 74 44 65 63 6f 72 61 74 69 6f 6e 53 74 79 6c 65 22 2c 22 74 65 78 74 44 65 63 6f 72 61 74 69 6f 6e 54 68 69 63 6b 6e 65 73 73 22 2c 22 74 65 78 74 55 6e 64 65 72 6c 69 6e 65 4f 66 66 73 65 74 22 2c 22 66 6f 6e 74 53 6d 6f 6f 74 68 69 6e 67 22 2c 22 70 6c 61 63 65 68 6f 6c 64 65 72 43 6f 6c 6f 72 22 2c 22 70 6c 61 63 65 68 6f 6c 64 65 72 4f 70 61 63 69 74 79 22 2c 22 63 61 72 65 74 43 6f 6c 6f 72 22 2c 22 61 63 63 65 6e 74 43 6f 6c 6f 72 22 2c 22 6f 70 61 63 69 74 79 22 2c 22 62 61 63 6b 67 72 6f 75 6e 64 42 6c 65 6e 64 4d 6f 64 65 22 2c 22 6d 69 78 42 6c 65 6e 64 4d 6f 64 65 22 2c
                                                                                                                                                                                                                                                                                      Data Ascii: ","textOpacity","textDecoration","textDecorationColor","textDecorationStyle","textDecorationThickness","textUnderlineOffset","fontSmoothing","placeholderColor","placeholderOpacity","caretColor","accentColor","opacity","backgroundBlendMode","mixBlendMode",
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 61 79 2e 69 73 41 72 72 61 79 28 72 29 3f 5b 72 5d 3a 5b 65 2c 72 5d 29 7d 2c 77 61 72 6e 28 72 2c 65 29 7b 5b 22 63 6f 6e 74 65 6e 74 2d 70 72 6f 62 6c 65 6d 73 22 5d 2e 69 6e 63 6c 75 64 65 73 28 72 29 7c 7c 6a 73 28 51 65 2e 62 6f 6c 64 28 51 65 2e 79 65 6c 6c 6f 77 28 22 77 61 72 6e 22 29 29 2c 2e 2e 2e 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 72 29 3f 5b 72 5d 3a 5b 65 2c 72 5d 29 7d 2c 72 69 73 6b 28 72 2c 65 29 7b 6a 73 28 51 65 2e 62 6f 6c 64 28 51 65 2e 6d 61 67 65 6e 74 61 28 22 72 69 73 6b 22 29 29 2c 2e 2e 2e 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 72 29 3f 5b 72 5d 3a 5b 65 2c 72 5d 29 7d 7d 7d 29 3b 76 61 72 20 5f 66 3d 7b 7d 3b 47 65 28 5f 66 2c 7b 64 65 66 61 75 6c 74 3a 28 29 3d 3e 55 73 7d 29 3b 66 75 6e 63 74 69 6f 6e 20 71 72 28 7b
                                                                                                                                                                                                                                                                                      Data Ascii: ay.isArray(r)?[r]:[e,r])},warn(r,e){["content-problems"].includes(r)||js(Qe.bold(Qe.yellow("warn")),...Array.isArray(r)?[r]:[e,r])},risk(r,e){js(Qe.bold(Qe.magenta("risk")),...Array.isArray(r)?[r]:[e,r])}}});var _f={};Ge(_f,{default:()=>Us});function qr({
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 3a 22 23 66 65 66 32 66 32 22 2c 31 30 30 3a 22 23 66 65 65 32 65 32 22 2c 32 30 30 3a 22 23 66 65 63 61 63 61 22 2c 33 30 30 3a 22 23 66 63 61 35 61 35 22 2c 34 30 30 3a 22 23 66 38 37 31 37 31 22 2c 35 30 30 3a 22 23 65 66 34 34 34 34 22 2c 36 30 30 3a 22 23 64 63 32 36 32 36 22 2c 37 30 30 3a 22 23 62 39 31 63 31 63 22 2c 38 30 30 3a 22 23 39 39 31 62 31 62 22 2c 39 30 30 3a 22 23 37 66 31 64 31 64 22 2c 39 35 30 3a 22 23 34 35 30 61 30 61 22 7d 2c 6f 72 61 6e 67 65 3a 7b 35 30 3a 22 23 66 66 66 37 65 64 22 2c 31 30 30 3a 22 23 66 66 65 64 64 35 22 2c 32 30 30 3a 22 23 66 65 64 37 61 61 22 2c 33 30 30 3a 22 23 66 64 62 61 37 34 22 2c 34 30 30 3a 22 23 66 62 39 32 33 63 22 2c 35 30 30 3a 22 23 66 39 37 33 31 36 22 2c 36 30 30 3a 22 23 65 61 35 38 30 63
                                                                                                                                                                                                                                                                                      Data Ascii: :"#fef2f2",100:"#fee2e2",200:"#fecaca",300:"#fca5a5",400:"#f87171",500:"#ef4444",600:"#dc2626",700:"#b91c1c",800:"#991b1b",900:"#7f1d1d",950:"#450a0a"},orange:{50:"#fff7ed",100:"#ffedd5",200:"#fed7aa",300:"#fdba74",400:"#fb923c",500:"#f97316",600:"#ea580c
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 2c 36 30 30 3a 22 23 30 38 39 31 62 32 22 2c 37 30 30 3a 22 23 30 65 37 34 39 30 22 2c 38 30 30 3a 22 23 31 35 35 65 37 35 22 2c 39 30 30 3a 22 23 31 36 34 65 36 33 22 2c 39 35 30 3a 22 23 30 38 33 33 34 34 22 7d 2c 73 6b 79 3a 7b 35 30 3a 22 23 66 30 66 39 66 66 22 2c 31 30 30 3a 22 23 65 30 66 32 66 65 22 2c 32 30 30 3a 22 23 62 61 65 36 66 64 22 2c 33 30 30 3a 22 23 37 64 64 33 66 63 22 2c 34 30 30 3a 22 23 33 38 62 64 66 38 22 2c 35 30 30 3a 22 23 30 65 61 35 65 39 22 2c 36 30 30 3a 22 23 30 32 38 34 63 37 22 2c 37 30 30 3a 22 23 30 33 36 39 61 31 22 2c 38 30 30 3a 22 23 30 37 35 39 38 35 22 2c 39 30 30 3a 22 23 30 63 34 61 36 65 22 2c 39 35 30 3a 22 23 30 38 32 66 34 39 22 7d 2c 62 6c 75 65 3a 7b 35 30 3a 22 23 65 66 66 36 66 66 22 2c 31 30 30 3a 22
                                                                                                                                                                                                                                                                                      Data Ascii: ,600:"#0891b2",700:"#0e7490",800:"#155e75",900:"#164e63",950:"#083344"},sky:{50:"#f0f9ff",100:"#e0f2fe",200:"#bae6fd",300:"#7dd3fc",400:"#38bdf8",500:"#0ea5e9",600:"#0284c7",700:"#0369a1",800:"#075985",900:"#0c4a6e",950:"#082f49"},blue:{50:"#eff6ff",100:"
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1369INData Raw: 42 6c 75 65 28 29 7b 72 65 74 75 72 6e 20 71 72 28 7b 76 65 72 73 69 6f 6e 3a 22 76 32 2e 32 22 2c 66 72 6f 6d 3a 22 6c 69 67 68 74 42 6c 75 65 22 2c 74 6f 3a 22 73 6b 79 22 7d 29 2c 74 68 69 73 2e 73 6b 79 7d 2c 67 65 74 20 77 61 72 6d 47 72 61 79 28 29 7b 72 65 74 75 72 6e 20 71 72 28 7b 76 65 72 73 69 6f 6e 3a 22 76 33 2e 30 22 2c 66 72 6f 6d 3a 22 77 61 72 6d 47 72 61 79 22 2c 74 6f 3a 22 73 74 6f 6e 65 22 7d 29 2c 74 68 69 73 2e 73 74 6f 6e 65 7d 2c 67 65 74 20 74 72 75 65 47 72 61 79 28 29 7b 72 65 74 75 72 6e 20 71 72 28 7b 76 65 72 73 69 6f 6e 3a 22 76 33 2e 30 22 2c 66 72 6f 6d 3a 22 74 72 75 65 47 72 61 79 22 2c 74 6f 3a 22 6e 65 75 74 72 61 6c 22 7d 29 2c 74 68 69 73 2e 6e 65 75 74 72 61 6c 7d 2c 67 65 74 20 63 6f 6f 6c 47 72 61 79 28 29 7b 72
                                                                                                                                                                                                                                                                                      Data Ascii: Blue(){return qr({version:"v2.2",from:"lightBlue",to:"sky"}),this.sky},get warmGray(){return qr({version:"v3.0",from:"warmGray",to:"stone"}),this.stone},get trueGray(){return qr({version:"v3.0",from:"trueGray",to:"neutral"}),this.neutral},get coolGray(){r


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      11192.168.2.449755185.199.111.1534437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC404OUTGET /examples/js/libs/stats.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: threejs.org
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC668INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Content-Length: 9379
                                                                                                                                                                                                                                                                                      Server: GitHub.com
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                      x-origin-cache: HIT
                                                                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                      ETag: "64d39a40-24a3"
                                                                                                                                                                                                                                                                                      Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
                                                                                                                                                                                                                                                                                      x-proxy-cache: MISS
                                                                                                                                                                                                                                                                                      X-GitHub-Request-Id: 3B00:66412:8570E8:8FAD24:67654F6B
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Age: 0
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:15 GMT
                                                                                                                                                                                                                                                                                      Via: 1.1 varnish
                                                                                                                                                                                                                                                                                      X-Served-By: cache-ewr-kewr1740038-EWR
                                                                                                                                                                                                                                                                                      X-Cache: MISS
                                                                                                                                                                                                                                                                                      X-Cache-Hits: 0
                                                                                                                                                                                                                                                                                      X-Timer: S1734692716.712867,VS0,VE13
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      X-Fastly-Request-ID: 0073cb585fdb641b68763649683597c66d9c5f85
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 73 74 79 6c 65 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 3b 20 69 6d 67 2d 73 72 63 20 64 61 74 61 3a 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50
                                                                                                                                                                                                                                                                                      Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Content-Security-Policy" content="default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'"> <title>P
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 20 32 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 31 39 32 64 70 69 29 2c 0a 20 20 20 20 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 32 64 70 70 78 29 20 7b 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 31 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 20 7d 0a 20 20 20 20 20 20 20 20 2e 6c 6f 67 6f 2d 69 6d 67 2d 32 78 20 7b 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 20 7d 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 23 73 75
                                                                                                                                                                                                                                                                                      Data Ascii: ice-pixel-ratio: 2), only screen and ( min-resolution: 192dpi), only screen and ( min-resolution: 2dppx) { .logo-img-1x { display: none; } .logo-img-2x { display: inline-block; } } #su
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 32 22 20 68 65 69 67 68 74 3d 22 33 32 22 20 74 69 74 6c 65 3d 22 22 20 61 6c 74 3d 22 22 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 43 41 41 41 41 41 67 43 41 59 41 41 41 42 7a 65 6e 72 30 41 41 41 41 47 58 52 46 57 48 52 54 62 32 5a 30 64 32 46 79 5a 51 42 42 5a 47 39 69 5a 53 42 4a 62 57 46 6e 5a 56 4a 6c 59 57 52 35 63 63 6c 6c 50 41 41 41 41 79 52 70 56 46 68 30 57 45 31 4d 4f 6d 4e 76 62 53 35 68 5a 47 39 69 5a 53 35 34 62 58 41 41 41 41 41 41 41 44 77 2f 65 48 42 68 59 32 74 6c 64 43 42 69 5a 57 64 70 62 6a 30 69 37 37 75 2f 49 69 42 70 5a 44 30 69 56 7a 56 4e 4d 45 31 77 51 32 56 6f 61 55 68 36 63 6d 56 54 65 6b 35 55 59 33 70 72 59
                                                                                                                                                                                                                                                                                      Data Ascii: 2" height="32" title="" alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyRpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prY
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 2f 38 37 37 47 59 64 48 52 67 33 5a 6a 4d 58 46 78 65 70 51 4b 4e 53 36 73 4c 43 77 4a 78 71 4e 4e 75 46 70 69 4d 66 6a 56 73 34 5a 6a 55 61 2f 70 6d 6d 6a 65 44 36 56 6c 4a 53 38 4e 70 76 4e 54 34 51 51 37 6d 78 77 6a 53 73 4a 69 45 51 69 6d 2f 31 2b 2f 39 6c 67 4d 48 67 49 72 35 6f 68 75 78 47 31 57 43 77 39 56 71 76 31 63 6c 46 52 30 64 43 71 42 4f 44 45 6c 56 36 76 39 30 6f 67 45 44 6a 47 64 59 62 56 6a 58 68 70 61 65 6e 64 69 6f 71 4b 30 37 43 49 52 37 5a 41 71 45 34 39 50 54 30 39 42 50 4c 32 50 4d 67 54 42 79 51 47 73 59 69 5a 6c 51 44 34 75 4d 58 74 64 72 2b 4a 78 57 49 4e 68 67 49 4e 59 68 47 54 32 4d 73 4b 67 4d 72 6d 32 64 6e 5a 58 67 52 58 68 61 48 41 67 35 6a 45 4a 6f 64 55 41 48 78 75 78 34 4c 75 64 48 4a 45 39 52 64 45 64 41 2b 69 33 4a 75
                                                                                                                                                                                                                                                                                      Data Ascii: /877GYdHRg3ZjMXFxepQKNS6sLCwJxqNNuFpiMfjVs4ZjUa/pmmjeD6VlJS8NpvNT4QQ7mxwjSsJiEQim/1+/9lgMHgIr5ohuxG1WCw9Vqv1clFR0dCqBODElV6v90ogEDjGdYbVjXhpaendioqK07CIR7ZAqE49PT09BPL2PMgTByQGsYiZlQD4uMXtdr+JxWINhgINYhGT2MsKgMrm2dnZXgRXhaHAg5jEJodUAHxux4LudHJE9RdEdA+i3Ju
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC1378INData Raw: 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 45 41 41 41 41 42 41 43 41 59 41 41 41 43 71 61 58 48 65 41 41 41 41 47 58 52 46 57 48 52 54 62 32 5a 30 64 32 46 79 5a 51 42 42 5a 47 39 69 5a 53 42 4a 62 57 46 6e 5a 56 4a 6c 59 57 52 35 63 63 6c 6c 50 41 41 41 41 79 52 70 56 46 68 30 57 45 31 4d 4f 6d 4e 76 62 53 35 68 5a 47 39 69 5a 53 35 34 62 58 41 41 41 41 41 41 41 44 77 2f 65 48 42 68 59 32 74 6c 64 43 42 69 5a 57 64 70 62 6a 30 69 37 37 75 2f 49 69 42 70 5a 44 30 69 56 7a 56 4e 4d 45 31 77 51 32 56 6f 61 55 68 36 63 6d 56 54 65 6b 35 55 59 33 70 72 59 7a 6c 6b 49 6a 38 2b 49 44 78 34 4f 6e 68 74 63 47 31 6c 64 47 45 67 65 47 31 73 62 6e 4d 36 65 44 30 69 59 57 52 76 59 6d 55 36 62 6e 4d 36 62 57 56 30 59 53 38 69 49 48 67 36 65 47 31
                                                                                                                                                                                                                                                                                      Data Ascii: Rw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyRpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      12192.168.2.449756162.159.61.34437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Content-Length: 128
                                                                                                                                                                                                                                                                                      Accept: application/dns-message
                                                                                                                                                                                                                                                                                      Accept-Language: *
                                                                                                                                                                                                                                                                                      User-Agent: Chrome
                                                                                                                                                                                                                                                                                      Accept-Encoding: identity
                                                                                                                                                                                                                                                                                      Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                      Content-Length: 468
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f28037ca97d18-EWR
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 e1 00 04 8e fa b0 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: wwwgstaticcom)


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      13192.168.2.449757172.64.41.34437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Content-Length: 128
                                                                                                                                                                                                                                                                                      Accept: application/dns-message
                                                                                                                                                                                                                                                                                      Accept-Language: *
                                                                                                                                                                                                                                                                                      User-Agent: Chrome
                                                                                                                                                                                                                                                                                      Accept-Encoding: identity
                                                                                                                                                                                                                                                                                      Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                      Content-Length: 468
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f28037a47efa3-EWR
                                                                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 25 00 04 8e fa b0 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: wwwgstaticcom%)


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      14192.168.2.449759162.159.61.34437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Content-Length: 128
                                                                                                                                                                                                                                                                                      Accept: application/dns-message
                                                                                                                                                                                                                                                                                      Accept-Language: *
                                                                                                                                                                                                                                                                                      User-Agent: Chrome
                                                                                                                                                                                                                                                                                      Accept-Encoding: identity
                                                                                                                                                                                                                                                                                      Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: wwwgstaticcom)TP


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      15192.168.2.449760172.64.41.34437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Content-Length: 128
                                                                                                                                                                                                                                                                                      Accept: application/dns-message
                                                                                                                                                                                                                                                                                      Accept-Language: *
                                                                                                                                                                                                                                                                                      User-Agent: Chrome
                                                                                                                                                                                                                                                                                      Accept-Encoding: identity
                                                                                                                                                                                                                                                                                      Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:16 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: wwwgstaticcom)TP


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      16192.168.2.449762104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC582OUTGET /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC576INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      last-modified: Sat, 26 Oct 1985 08:15:00 GMT
                                                                                                                                                                                                                                                                                      etag: W/"6475-GJFZFDM34LwIzjC4uKWaXpNTNf4"
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JE62KSKYF1SANQQ6XH6C1PAM-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 1469341
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f280c0c5a43fd-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC793INData Raw: 36 34 37 35 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 72 65 71 75 69 72 65 28 22 40 70 6f 70 70 65 72 6a 73 2f 63 6f 72 65 22 29 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 40 70 6f 70 70 65 72 6a 73 2f 63 6f 72 65 22 5d 2c 65 29 3a 28 74 3d 74 7c 7c 73 65 6c 66 29 2e 74 69 70 70 79 3d 65 28 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 22 75
                                                                                                                                                                                                                                                                                      Data Ascii: 6475!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e(require("@popperjs/core")):"function"==typeof define&&define.amd?define(["@popperjs/core"],e):(t=t||self).tippy=e(t.Popper)}(this,(function(t){"use strict";var e="u
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 2c 74 29 3b 72 65 74 75 72 6e 20 65 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 64 65 6c 65 74 65 20 6e 5b 74 5d 7d 29 29 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 63 28 74 29 7b 72 65 74 75 72 6e 5b 5d 2e 63 6f 6e 63 61 74 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 66 28 74 2c 65 29 7b 2d 31 3d 3d 3d 74 2e 69 6e 64 65 78 4f 66 28 65 29 26 26 74 2e 70 75 73 68 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 74 29 7b 72 65 74 75 72 6e 20 74 2e 73 70 6c 69 74 28 22 2d 22 29 5b 30 5d 7d 66 75 6e 63 74 69 6f 6e 20 64 28 74 29 7b 72 65 74 75 72 6e 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 74 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 72 65 64 75 63 65 28 28 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                                                                                      Data Ascii: ,t);return e.forEach((function(t){delete n[t]})),n}function c(t){return[].concat(t)}function f(t,e){-1===t.indexOf(e)&&t.push(e)}function l(t){return t.split("-")[0]}function d(t){return[].slice.call(t)}function v(t){return Object.keys(t).reduce((function
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6d 6f 75 73 65 6d 6f 76 65 22 2c 44 29 29 2c 41 3d 74 7d 66 75 6e 63 74 69 6f 6e 20 6b 28 29 7b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3b 69 66 28 62 28 74 29 29 7b 76 61 72 20 65 3d 74 2e 5f 74 69 70 70 79 3b 74 2e 62 6c 75 72 26 26 21 65 2e 73 74 61 74 65 2e 69 73 56 69 73 69 62 6c 65 26 26 74 2e 62 6c 75 72 28 29 7d 7d 76 61 72 20 52 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 61 70 70 65 6e 64 54 6f 3a 6f 2c 61 72 69 61 3a 7b 63 6f 6e 74 65 6e 74 3a 22 61 75 74 6f 22 2c 65 78 70 61 6e 64 65 64 3a 22 61 75 74 6f 22 7d 2c 64 65 6c 61 79 3a 30 2c 64 75 72 61 74 69 6f 6e 3a 5b 33 30 30 2c 32 35 30 5d 2c 67 65 74 52 65 66 65 72 65 6e 63 65 43 6c 69 65 6e 74 52 65 63 74
                                                                                                                                                                                                                                                                                      Data Ascii: entListener("mousemove",D)),A=t}function k(){var t=document.activeElement;if(b(t)){var e=t._tippy;t.blur&&!e.state.isVisible&&t.blur()}}var R=Object.assign({appendTo:o,aria:{content:"auto",expanded:"auto"},delay:0,duration:[300,250],getReferenceClientRect
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 74 69 70 70 79 2d 22 2b 6e 29 7c 7c 22 22 29 2e 74 72 69 6d 28 29 3b 69 66 28 21 72 29 72 65 74 75 72 6e 20 65 3b 69 66 28 22 63 6f 6e 74 65 6e 74 22 3d 3d 3d 6e 29 65 5b 6e 5d 3d 72 3b 65 6c 73 65 20 74 72 79 7b 65 5b 6e 5d 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 72 29 7d 63 61 74 63 68 28 74 29 7b 65 5b 6e 5d 3d 72 7d 72 65 74 75 72 6e 20 65 7d 29 2c 7b 7d 29 7d 28 74 2c 65 2e 70 6c 75 67 69 6e 73 29 29 3b 72 65 74 75 72 6e 20 6e 2e 61 72 69 61 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 52 2e 61 72 69 61 2c 6e 2e 61 72 69 61 29 2c 6e 2e 61 72 69 61 3d 7b 65 78 70 61 6e 64 65 64 3a 22 61 75 74 6f 22 3d 3d 3d 6e 2e 61 72 69 61 2e 65 78 70 61 6e 64 65 64 3f 65 2e 69 6e 74 65 72 61 63 74 69 76 65 3a 6e 2e 61
                                                                                                                                                                                                                                                                                      Data Ascii: tribute("data-tippy-"+n)||"").trim();if(!r)return e;if("content"===n)e[n]=r;else try{e[n]=JSON.parse(r)}catch(t){e[n]=r}return e}),{})}(t,e.plugins));return n.aria=Object.assign({},R.aria,n.aria),n.aria={expanded:"auto"===n.aria.expanded?e.interactive:n.a
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 72 2e 69 6e 65 72 74 69 61 3f 69 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 69 6e 65 72 74 69 61 22 2c 22 22 29 3a 69 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 69 6e 65 72 74 69 61 22 29 2c 69 2e 73 74 79 6c 65 2e 6d 61 78 57 69 64 74 68 3d 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 72 2e 6d 61 78 57 69 64 74 68 3f 72 2e 6d 61 78 57 69 64 74 68 2b 22 70 78 22 3a 72 2e 6d 61 78 57 69 64 74 68 2c 72 2e 72 6f 6c 65 3f 69 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 72 6f 6c 65 22 2c 72 2e 72 6f 6c 65 29 3a 69 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 72 6f 6c 65 22 29 2c 6e 2e 63 6f 6e 74 65 6e 74 3d 3d 3d 72 2e 63 6f 6e 74 65 6e 74 26 26 6e 2e 61 6c 6c 6f 77 48 54 4d 4c 3d 3d 3d 72 2e 61 6c 6c
                                                                                                                                                                                                                                                                                      Data Ascii: r.inertia?i.setAttribute("data-inertia",""):i.removeAttribute("data-inertia"),i.style.maxWidth="number"==typeof r.maxWidth?r.maxWidth+"px":r.maxWidth,r.role?i.setAttribute("role",r.role):i.removeAttribute("role"),n.content===r.content&&n.allowHTML===r.all
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 64 22 29 7d 29 29 3a 72 2e 74 72 69 67 67 65 72 54 61 72 67 65 74 26 26 65 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 65 78 70 61 6e 64 65 64 22 29 3b 75 74 28 29 2c 69 74 28 29 2c 4a 26 26 4a 28 6e 2c 72 29 3b 59 2e 70 6f 70 70 65 72 49 6e 73 74 61 6e 63 65 26 26 28 43 74 28 29 2c 41 74 28 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 71 75 65 73 74 41 6e 69 6d 61 74 69 6f 6e 46 72 61 6d 65 28 74 2e 5f 74 69 70 70 79 2e 70 6f 70 70 65 72 49 6e 73 74 61 6e 63 65 2e 66 6f 72 63 65 55 70 64 61 74 65 29 7d 29 29 29 3b 61 74 28 22 6f 6e 41 66 74 65 72 55 70 64 61 74 65 22 2c 5b 59 2c 74 5d 29 7d 2c 73 65 74 43 6f 6e 74 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 59 2e 73 65 74 50 72 6f 70 73 28 7b 63
                                                                                                                                                                                                                                                                                      Data Ascii: d")})):r.triggerTarget&&e.removeAttribute("aria-expanded");ut(),it(),J&&J(n,r);Y.popperInstance&&(Ct(),At().forEach((function(t){requestAnimationFrame(t._tippy.popperInstance.forceUpdate)})));at("onAfterUpdate",[Y,t])},setContent:function(t){Y.setProps({c
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 7c 6e 29 72 65 74 75 72 6e 3b 69 66 28 61 74 28 22 6f 6e 48 69 64 65 22 2c 5b 59 5d 2c 21 31 29 2c 21 31 3d 3d 3d 59 2e 70 72 6f 70 73 2e 6f 6e 48 69 64 65 28 59 29 29 72 65 74 75 72 6e 3b 59 2e 73 74 61 74 65 2e 69 73 56 69 73 69 62 6c 65 3d 21 31 2c 59 2e 73 74 61 74 65 2e 69 73 53 68 6f 77 6e 3d 21 31 2c 4e 3d 21 31 2c 56 3d 21 31 2c 74 74 28 29 26 26 28 24 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 3d 22 68 69 64 64 65 6e 22 29 3b 69 66 28 70 74 28 29 2c 76 74 28 29 2c 69 74 28 21 30 29 2c 74 74 28 29 29 7b 76 61 72 20 6f 3d 72 74 28 29 2c 61 3d 6f 2e 62 6f 78 2c 73 3d 6f 2e 63 6f 6e 74 65 6e 74 3b 59 2e 70 72 6f 70 73 2e 61 6e 69 6d 61 74 69 6f 6e 26 26 28 77 28 5b 61 2c 73 5d 2c 72 29 2c 78 28 5b 61 2c 73 5d 2c 22 68 69 64 64 65 6e 22 29 29
                                                                                                                                                                                                                                                                                      Data Ascii: |n)return;if(at("onHide",[Y],!1),!1===Y.props.onHide(Y))return;Y.state.isVisible=!1,Y.state.isShown=!1,N=!1,V=!1,tt()&&($.style.visibility="hidden");if(pt(),vt(),it(!0),tt()){var o=rt(),a=o.box,s=o.content;Y.props.animation&&(w([a,s],r),x([a,s],"hidden"))
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 63 6c 65 61 72 44 65 6c 61 79 54 69 6d 65 6f 75 74 73 28 29 7d 29 29 2c 24 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6d 6f 75 73 65 6c 65 61 76 65 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 59 2e 70 72 6f 70 73 2e 69 6e 74 65 72 61 63 74 69 76 65 26 26 59 2e 70 72 6f 70 73 2e 74 72 69 67 67 65 72 2e 69 6e 64 65 78 4f 66 28 22 6d 6f 75 73 65 65 6e 74 65 72 22 29 3e 3d 30 26 26 6e 74 28 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6d 6f 75 73 65 6d 6f 76 65 22 2c 46 29 7d 29 29 2c 59 3b 66 75 6e 63 74 69 6f 6e 20 51 28 29 7b 76 61 72 20 74 3d 59 2e 70 72 6f 70 73 2e 74 6f 75 63 68 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 3f 74 3a 5b 74 2c 30 5d 7d 66 75 6e 63 74 69 6f 6e 20 5a 28 29 7b 72 65 74 75
                                                                                                                                                                                                                                                                                      Data Ascii: clearDelayTimeouts()})),$.addEventListener("mouseleave",(function(){Y.props.interactive&&Y.props.trigger.indexOf("mouseenter")>=0&&nt().addEventListener("mousemove",F)})),Y;function Q(){var t=Y.props.touch;return Array.isArray(t)?t:[t,0]}function Z(){retu
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 28 22 6d 6f 75 73 65 6d 6f 76 65 22 2c 46 29 2c 55 3d 55 2e 66 69 6c 74 65 72 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 21 3d 3d 46 7d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 63 74 28 74 29 7b 69 66 28 21 54 2e 69 73 54 6f 75 63 68 7c 7c 21 53 26 26 22 6d 6f 75 73 65 64 6f 77 6e 22 21 3d 3d 74 2e 74 79 70 65 29 7b 76 61 72 20 6e 3d 74 2e 63 6f 6d 70 6f 73 65 64 50 61 74 68 26 26 74 2e 63 6f 6d 70 6f 73 65 64 50 61 74 68 28 29 5b 30 5d 7c 7c 74 2e 74 61 72 67 65 74 3b 69 66 28 21 59 2e 70 72 6f 70 73 2e 69 6e 74 65 72 61 63 74 69 76 65 7c 7c 21 43 28 24 2c 6e 29 29 7b 69 66 28 63 28 59 2e 70 72 6f 70 73 2e 74 72 69 67 67 65 72 54 61 72 67 65 74 7c 7c 65 29 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 43
                                                                                                                                                                                                                                                                                      Data Ascii: ("mousemove",F),U=U.filter((function(t){return t!==F}))}function ct(t){if(!T.isTouch||!S&&"mousedown"!==t.type){var n=t.composedPath&&t.composedPath()[0]||t.target;if(!Y.props.interactive||!C($,n)){if(c(Y.props.triggerTarget||e).some((function(t){return C
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 6d 61 6e 75 61 6c 22 21 3d 3d 74 29 73 77 69 74 63 68 28 67 74 28 74 2c 79 74 29 2c 74 29 7b 63 61 73 65 22 6d 6f 75 73 65 65 6e 74 65 72 22 3a 67 74 28 22 6d 6f 75 73 65 6c 65 61 76 65 22 2c 78 74 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 66 6f 63 75 73 22 3a 67 74 28 6e 3f 22 66 6f 63 75 73 6f 75 74 22 3a 22 62 6c 75 72 22 2c 45 74 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 66 6f 63 75 73 69 6e 22 3a 67 74 28 22 66 6f 63 75 73 6f 75 74 22 2c 45 74 29 7d 7d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 62 74 28 29 7b 7a 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 2e 6e 6f 64 65 2c 6e 3d 74 2e 65 76 65 6e 74 54 79 70 65 2c 72 3d 74 2e 68 61 6e 64 6c 65 72 2c 6f 3d 74 2e 6f 70 74 69 6f 6e 73 3b 65 2e 72 65 6d 6f 76 65 45 76 65 6e
                                                                                                                                                                                                                                                                                      Data Ascii: manual"!==t)switch(gt(t,yt),t){case"mouseenter":gt("mouseleave",xt);break;case"focus":gt(n?"focusout":"blur",Et);break;case"focusin":gt("focusout",Et)}}))}function bt(){z.forEach((function(t){var e=t.node,n=t.eventType,r=t.handler,o=t.options;e.removeEven


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      17192.168.2.449761104.17.248.2034437196C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC583OUTGET /@popperjs/core@2.11.8/dist/umd/popper.min.js HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: unpkg.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC576INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Fri, 20 Dec 2024 11:05:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                                                                      cache-control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      last-modified: Fri, 26 May 2023 17:27:16 GMT
                                                                                                                                                                                                                                                                                      etag: W/"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
                                                                                                                                                                                                                                                                                      via: 1.1 fly.io
                                                                                                                                                                                                                                                                                      fly-request-id: 01JDYCE3DN5ABH4BW4FDRGVNVW-lga
                                                                                                                                                                                                                                                                                      CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                      Age: 1727477
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                                                                      CF-RAY: 8f4f280c0aa343b2-EWR
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC793INData Raw: 34 65 39 61 0d 0a 2f 2a 2a 0a 20 2a 20 40 70 6f 70 70 65 72 6a 73 2f 63 6f 72 65 20 76 32 2e 31 31 2e 38 20 2d 20 4d 49 54 20 4c 69 63 65 6e 73 65 0a 20 2a 2f 0a 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 74 28 65 78 70 6f 72 74 73 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 65 78 70 6f 72 74 73 22 5d 2c 74 29 3a 74 28 28 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 65 7c 7c 73 65 6c 66 29 2e 50 6f 70 70 65
                                                                                                                                                                                                                                                                                      Data Ascii: 4e9a/** * @popperjs/core v2.11.8 - MIT License */!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).Poppe
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 26 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 2e 62 72 61 6e 64 73 29 3f 65 2e 62 72 61 6e 64 73 2e 6d 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 62 72 61 6e 64 2b 22 2f 22 2b 65 2e 76 65 72 73 69 6f 6e 7d 29 29 2e 6a 6f 69 6e 28 22 20 22 29 3a 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 7d 66 75 6e 63 74 69 6f 6e 20 63 28 29 7b 72 65 74 75 72 6e 21 2f 5e 28 28 3f 21 63 68 72 6f 6d 65 7c 61 6e 64 72 6f 69 64 29 2e 29 2a 73 61 66 61 72 69 2f 69 2e 74 65 73 74 28 66 28 29 29 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 6f 2c 69 29 7b 76 6f 69 64 20 30 3d 3d 3d 6f 26 26 28 6f 3d 21 31 29 2c 76 6f 69 64 20 30 3d 3d 3d 69 26 26 28 69 3d 21 31 29 3b 76 61 72 20 61 3d 65 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65
                                                                                                                                                                                                                                                                                      Data Ascii: &Array.isArray(e.brands)?e.brands.map((function(e){return e.brand+"/"+e.version})).join(" "):navigator.userAgent}function c(){return!/^((?!chrome|android).)*safari/i.test(f())}function p(e,o,i){void 0===o&&(o=!1),void 0===i&&(i=!1);var a=e.getBoundingClie
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 66 74 2c 73 63 72 6f 6c 6c 54 6f 70 3a 61 2e 73 63 72 6f 6c 6c 54 6f 70 7d 3a 75 28 69 29 29 2c 72 28 6e 29 3f 28 28 62 3d 70 28 6e 2c 21 30 29 29 2e 78 2b 3d 6e 2e 63 6c 69 65 6e 74 4c 65 66 74 2c 62 2e 79 2b 3d 6e 2e 63 6c 69 65 6e 74 54 6f 70 29 3a 6d 26 26 28 62 2e 78 3d 68 28 6d 29 29 29 2c 7b 78 3a 79 2e 6c 65 66 74 2b 67 2e 73 63 72 6f 6c 6c 4c 65 66 74 2d 62 2e 78 2c 79 3a 79 2e 74 6f 70 2b 67 2e 73 63 72 6f 6c 6c 54 6f 70 2d 62 2e 79 2c 77 69 64 74 68 3a 79 2e 77 69 64 74 68 2c 68 65 69 67 68 74 3a 79 2e 68 65 69 67 68 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 67 28 65 29 7b 76 61 72 20 74 3d 70 28 65 29 2c 6e 3d 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 72 3d 65 2e 6f 66 66 73 65 74 48 65 69 67 68 74 3b 72 65 74 75 72 6e 20 4d 61 74 68 2e 61 62 73 28
                                                                                                                                                                                                                                                                                      Data Ascii: ft,scrollTop:a.scrollTop}:u(i)),r(n)?((b=p(n,!0)).x+=n.clientLeft,b.y+=n.clientTop):m&&(b.x=h(m))),{x:y.left+g.scrollLeft-b.x,y:y.top+g.scrollTop-b.y,width:y.width,height:y.height}}function g(e){var t=p(e),n=e.offsetWidth,r=e.offsetHeight;return Math.abs(
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 3d 3d 3d 69 2e 77 69 6c 6c 43 68 61 6e 67 65 7c 7c 74 26 26 69 2e 66 69 6c 74 65 72 26 26 22 6e 6f 6e 65 22 21 3d 3d 69 2e 66 69 6c 74 65 72 29 72 65 74 75 72 6e 20 6e 3b 6e 3d 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 28 65 29 7c 7c 6e 7d 76 61 72 20 44 3d 22 74 6f 70 22 2c 41 3d 22 62 6f 74 74 6f 6d 22 2c 4c 3d 22 72 69 67 68 74 22 2c 50 3d 22 6c 65 66 74 22 2c 4d 3d 22 61 75 74 6f 22 2c 6b 3d 5b 44 2c 41 2c 4c 2c 50 5d 2c 57 3d 22 73 74 61 72 74 22 2c 42 3d 22 65 6e 64 22 2c 48 3d 22 76 69 65 77 70 6f 72 74 22 2c 54 3d 22 70 6f 70 70 65 72 22 2c 52 3d 6b 2e 72 65 64 75 63 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 2e 63 6f 6e 63 61 74 28 5b 74 2b 22 2d 22 2b 57 2c 74 2b 22 2d 22 2b 42 5d
                                                                                                                                                                                                                                                                                      Data Ascii: ===i.willChange||t&&i.filter&&"none"!==i.filter)return n;n=n.parentNode}return null}(e)||n}var D="top",A="bottom",L="right",P="left",M="auto",k=[D,A,L,P],W="start",B="end",H="viewport",T="popper",R=k.reduce((function(e,t){return e.concat([t+"-"+W,t+"-"+B]
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 4c 65 66 74 2c 6e 2e 62 6f 74 74 6f 6d 3d 6e 2e 74 6f 70 2b 65 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 2c 6e 2e 72 69 67 68 74 3d 6e 2e 6c 65 66 74 2b 65 2e 63 6c 69 65 6e 74 57 69 64 74 68 2c 6e 2e 77 69 64 74 68 3d 65 2e 63 6c 69 65 6e 74 57 69 64 74 68 2c 6e 2e 68 65 69 67 68 74 3d 65 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 2c 6e 2e 78 3d 6e 2e 6c 65 66 74 2c 6e 2e 79 3d 6e 2e 74 6f 70 2c 6e 7d 28 72 2c 6f 29 3a 4e 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3d 64 28 65 29 2c 72 3d 75 28 65 29 2c 6f 3d 6e 75 6c 6c 3d 3d 28 74 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 29 3f 76 6f 69 64 20 30 3a 74 2e 62 6f 64 79 2c 61 3d 69 28 6e 2e 73 63 72 6f 6c 6c 57 69 64 74 68 2c 6e 2e 63 6c 69 65 6e 74 57 69 64 74 68 2c 6f 3f 6f 2e 73 63 72 6f
                                                                                                                                                                                                                                                                                      Data Ascii: Left,n.bottom=n.top+e.clientHeight,n.right=n.left+e.clientWidth,n.width=e.clientWidth,n.height=e.clientHeight,n.x=n.left,n.y=n.top,n}(r,o):N(function(e){var t,n=d(e),r=u(e),o=null==(t=e.ownerDocument)?void 0:t.body,a=i(n.scrollWidth,n.clientWidth,o?o.scro
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 78 2b 6e 2e 77 69 64 74 68 2c 79 3a 66 7d 3b 62 72 65 61 6b 3b 63 61 73 65 20 50 3a 74 3d 7b 78 3a 6e 2e 78 2d 72 2e 77 69 64 74 68 2c 79 3a 66 7d 3b 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 74 3d 7b 78 3a 6e 2e 78 2c 79 3a 6e 2e 79 7d 7d 76 61 72 20 63 3d 69 3f 7a 28 69 29 3a 6e 75 6c 6c 3b 69 66 28 6e 75 6c 6c 21 3d 63 29 7b 76 61 72 20 70 3d 22 79 22 3d 3d 3d 63 3f 22 68 65 69 67 68 74 22 3a 22 77 69 64 74 68 22 3b 73 77 69 74 63 68 28 61 29 7b 63 61 73 65 20 57 3a 74 5b 63 5d 3d 74 5b 63 5d 2d 28 6e 5b 70 5d 2f 32 2d 72 5b 70 5d 2f 32 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 42 3a 74 5b 63 5d 3d 74 5b 63 5d 2b 28 6e 5b 70 5d 2f 32 2d 72 5b 70 5d 2f 32 29 7d 7d 72 65 74 75 72 6e 20 74 7d 66 75 6e 63 74 69 6f 6e 20 59 28 65 29 7b 72 65 74 75 72 6e 20 4f
                                                                                                                                                                                                                                                                                      Data Ascii: x+n.width,y:f};break;case P:t={x:n.x-r.width,y:f};break;default:t={x:n.x,y:n.y}}var c=i?z(i):null;if(null!=c){var p="y"===c?"height":"width";switch(a){case W:t[c]=t[c]-(n[p]/2-r[p]/2);break;case B:t[c]=t[c]+(n[p]/2-r[p]/2)}}return t}function Y(e){return O
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 3b 72 65 74 75 72 6e 21 74 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 28 65 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 29 7d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 5a 28 65 29 7b 76 6f 69 64 20 30 3d 3d 3d 65 26 26 28 65 3d 7b 7d 29 3b 76 61 72 20 74 3d 65 2c 72 3d 74 2e 64 65 66 61 75 6c 74 4d 6f 64 69 66 69 65 72 73 2c 6f 3d 76 6f 69 64 20 30 3d 3d 3d 72 3f 5b 5d 3a 72 2c 69 3d 74 2e 64 65 66 61 75 6c 74 4f 70 74 69 6f 6e 73 2c 61 3d 76 6f 69 64 20 30 3d 3d 3d 69 3f 4b 3a 69 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 76 6f 69 64 20 30 3d 3d 3d 72 26 26 28 72 3d 61 29 3b
                                                                                                                                                                                                                                                                                      Data Ascii: arguments[n];return!t.some((function(e){return!(e&&"function"==typeof e.getBoundingClientRect)}))}function Z(e){void 0===e&&(e={});var t=e,r=t.defaultModifiers,o=void 0===r?[]:r,i=t.defaultOptions,a=void 0===i?K:i;return function(e,t,r){void 0===r&&(r=a);
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 70 6f 70 70 65 72 3b 69 66 28 51 28 74 2c 6e 29 29 7b 66 2e 72 65 63 74 73 3d 7b 72 65 66 65 72 65 6e 63 65 3a 79 28 74 2c 45 28 6e 29 2c 22 66 69 78 65 64 22 3d 3d 3d 66 2e 6f 70 74 69 6f 6e 73 2e 73 74 72 61 74 65 67 79 29 2c 70 6f 70 70 65 72 3a 67 28 6e 29 7d 2c 66 2e 72 65 73 65 74 3d 21 31 2c 66 2e 70 6c 61 63 65 6d 65 6e 74 3d 66 2e 6f 70 74 69 6f 6e 73 2e 70 6c 61 63 65 6d 65 6e 74 2c 66 2e 6f 72 64 65 72 65 64 4d 6f 64 69 66 69 65 72 73 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 66 2e 6d 6f 64 69 66 69 65 72 73 44 61 74 61 5b 65 2e 6e 61 6d 65 5d 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 65 2e 64 61 74 61 29 7d 29 29 3b 66 6f 72 28 76 61 72 20 72 3d 30 3b 72 3c 66 2e 6f 72 64 65 72 65 64 4d
                                                                                                                                                                                                                                                                                      Data Ascii: popper;if(Q(t,n)){f.rects={reference:y(t,E(n),"fixed"===f.options.strategy),popper:g(n)},f.reset=!1,f.placement=f.options.placement,f.orderedModifiers.forEach((function(e){return f.modifiersData[e.name]=Object.assign({},e.data)}));for(var r=0;r<f.orderedM
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 61 74 65 2c 24 29 7d 7d 2c 64 61 74 61 3a 7b 7d 7d 3b 76 61 72 20 74 65 3d 7b 6e 61 6d 65 3a 22 70 6f 70 70 65 72 4f 66 66 73 65 74 73 22 2c 65 6e 61 62 6c 65 64 3a 21 30 2c 70 68 61 73 65 3a 22 72 65 61 64 22 2c 66 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 73 74 61 74 65 2c 6e 3d 65 2e 6e 61 6d 65 3b 74 2e 6d 6f 64 69 66 69 65 72 73 44 61 74 61 5b 6e 5d 3d 58 28 7b 72 65 66 65 72 65 6e 63 65 3a 74 2e 72 65 63 74 73 2e 72 65 66 65 72 65 6e 63 65 2c 65 6c 65 6d 65 6e 74 3a 74 2e 72 65 63 74 73 2e 70 6f 70 70 65 72 2c 73 74 72 61 74 65 67 79 3a 22 61 62 73 6f 6c 75 74 65 22 2c 70 6c 61 63 65 6d 65 6e 74 3a 74 2e 70 6c 61 63 65 6d 65 6e 74 7d 29 7d 2c 64 61 74 61 3a 7b 7d 7d 2c 6e 65 3d 7b 74 6f 70 3a 22 61 75 74 6f 22 2c 72 69 67 68
                                                                                                                                                                                                                                                                                      Data Ascii: ate,$)}},data:{}};var te={name:"popperOffsets",enabled:!0,phase:"read",fn:function(e){var t=e.state,n=e.name;t.modifiersData[n]=X({reference:t.rects.reference,element:t.rects.popper,strategy:"absolute",placement:t.placement})},data:{}},ne={top:"auto",righ
                                                                                                                                                                                                                                                                                      2024-12-20 11:05:17 UTC1369INData Raw: 53 2c 28 28 6e 3d 7b 7d 29 5b 4d 5d 3d 4f 3f 62 2b 22 70 78 22 3a 22 22 2c 6e 5b 6a 5d 3d 77 3f 79 2b 22 70 78 22 3a 22 22 2c 6e 2e 74 72 61 6e 73 66 6f 72 6d 3d 22 22 2c 6e 29 29 7d 76 61 72 20 6f 65 3d 7b 6e 61 6d 65 3a 22 63 6f 6d 70 75 74 65 53 74 79 6c 65 73 22 2c 65 6e 61 62 6c 65 64 3a 21 30 2c 70 68 61 73 65 3a 22 62 65 66 6f 72 65 57 72 69 74 65 22 2c 66 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 73 74 61 74 65 2c 6e 3d 65 2e 6f 70 74 69 6f 6e 73 2c 72 3d 6e 2e 67 70 75 41 63 63 65 6c 65 72 61 74 69 6f 6e 2c 6f 3d 76 6f 69 64 20 30 3d 3d 3d 72 7c 7c 72 2c 69 3d 6e 2e 61 64 61 70 74 69 76 65 2c 61 3d 76 6f 69 64 20 30 3d 3d 3d 69 7c 7c 69 2c 73 3d 6e 2e 72 6f 75 6e 64 4f 66 66 73 65 74 73 2c 66 3d 76 6f 69 64 20 30 3d 3d 3d
                                                                                                                                                                                                                                                                                      Data Ascii: S,((n={})[M]=O?b+"px":"",n[j]=w?y+"px":"",n.transform="",n))}var oe={name:"computeStyles",enabled:!0,phase:"beforeWrite",fn:function(e){var t=e.state,n=e.options,r=n.gpuAcceleration,o=void 0===r||r,i=n.adaptive,a=void 0===i||i,s=n.roundOffsets,f=void 0===


                                                                                                                                                                                                                                                                                      Statistics

                                                                                                                                                                                                                                                                                      CPU Usage

                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                      Memory Usage

                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                      Behavior

                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                      System Behavior

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:0
                                                                                                                                                                                                                                                                                      Start time:06:04:58
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\Desktop\Ocean-T2I4I8O9.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\Desktop\Ocean-T2I4I8O9.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x140000000
                                                                                                                                                                                                                                                                                      File size:6'023'056 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:1DEEDF7EDD7B1AFFCB7555D9ED27EB48
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:2
                                                                                                                                                                                                                                                                                      Start time:06:05:07
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Ocean-T2I4I8O9.exe --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6592.5960.2910270123947271652
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:3
                                                                                                                                                                                                                                                                                      Start time:06:05:07
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffdfb378e88,0x7ffdfb378e98,0x7ffdfb378ea8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:5
                                                                                                                                                                                                                                                                                      Start time:06:05:07
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1764 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:6
                                                                                                                                                                                                                                                                                      Start time:06:05:07
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2768 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:3
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:7
                                                                                                                                                                                                                                                                                      Start time:06:05:07
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2988 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:8
                                                                                                                                                                                                                                                                                      Start time:06:05:08
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1734687315032790 --launch-time-ticks=5393060708 --mojo-platform-channel-handle=3384 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:15
                                                                                                                                                                                                                                                                                      Start time:06:07:07
                                                                                                                                                                                                                                                                                      Start date:20/12/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\Ocean-T2I4I8O9.exe\EBWebView" --webview-exe-name=Ocean-T2I4I8O9.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=748 --field-trial-handle=1760,i,262911183732815154,5569743286255007371,262144 --enable-features=MojoIpcz /prefetch:2
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff600620000
                                                                                                                                                                                                                                                                                      File size:3'749'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      Disassembly

                                                                                                                                                                                                                                                                                      No disassembly