Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
Message.eml

Overview

General Information

Sample name:Message.eml
Analysis ID:1653825
MD5:67daf8d51cd22f497711c123ab99c95c
SHA1:613e03fb61ecfa18bf0498c4fc90824951d9782a
SHA256:0323f875190a1d85f9438547e76ec838fadda1e8e468f1bc1140bd52a9a17ead
Infos:

Detection

Score:52
Range:0 - 100
Confidence:100%

Signatures

AI detected landing page (webpage, office document or email)
AI detected suspicious elements in Email content
AI detected suspicious elements in Email header
Creates a window with clipboard capturing capabilities
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Sigma detected: Outlook Security Settings Updated - Registry
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 6300 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Message.eml" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6512 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "513F85D1-2ACA-482F-987A-B4E0E0CAEEB6" "E944699E-23AA-4C22-8C53-0542AD00B42A" "6300" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • msedge.exe (PID: 2800 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\821LMD6U\email.mht MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 2908 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2036,i,15070367935257998653,18264982407909215260,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 5860 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\821LMD6U\email.mht MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 448 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 6720 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6376 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 1816 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6540 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 6640 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=5792 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 6300, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1
Source: Registry Key setAuthor: frack113: Data: Details: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\821LMD6U\, EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 6300, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Security\OutlookSecureTempFolder

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-04-01T16:46:25.018406+020020283713Unknown Traffic192.168.2.164969652.123.128.14443TCP

Joe Sandbox Signatures

  • Phishing
  • Networking
  • Key, Mouse, Clipboard, Microphone and Screen Capturing
  • System Summary
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: EmailJoe Sandbox AI: Email contains prominent button: 'review document'
Source: EmailJoe Sandbox AI: Detected potential phishing email: The sender email domain 'umail.hinet.net' is suspicious and doesn't match Roquette's legitimate domain. The email contains multiple repetitive content blocks, which is typical of phishing attempts trying to bypass spam filters. The subject line about payroll and salary bonus combined with a DocuSign request is a common phishing lure
Source: EmailJoe Sandbox AI: Detected suspicious elements in Email header: Suspicious internal routing through 'melodic-subject-455100' which appears non-standard. Dynamic IP address in received headers (1-160-1-210.dynamic-ip.hinet.net) is suspicious for legitimate business email. Anonymous cross-tenant authentication (x-ms-exchange-crosstenant-authas: Anonymous). Message originates from Taiwan (CTRY:TW) but uses internal routing through US (us-east4). Despite low SCL and BCL scores, the combination of dynamic IP, anonymous authentication, and suspicious routing patterns indicates potential compromise. The message-id format matches the return path domain (hinet.net) but the routing path is suspicious. Extremely long Microsoft antispam message info suggests potential attempt to bypass filtering
Source: EmailClassification: Payroll Fraud
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.16:49696 -> 52.123.128.14:443
Source: global trafficHTTP traffic detected: OPTIONS /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveOrigin: https://business.bing.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /crx/blobs/Ad_brx3-BuL0c-lurTuHDvLGx_3o1po6xdCJ6biVPWmOWpEAIO3qQwYr84tWN8xt3Y-b4FBELB16YJo65m5b1LlifuobAPibVoX_4l94iArbx2Gsn4X-g9109tXuJL65PgYAxlKa5UnJV70rV6RKReARs98yYD2dVaKO/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveContent-Length: 470Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /undersideproactive/api/v1/trigger HTTP/1.1Host: services.bingapis.comConnection: keep-aliveContent-Length: 198Content-Type: application/jsonSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /widgets/fullpage/distribution/edgewelcome?experiences=DistributionPage&ocid=edge-whatsnew HTTP/1.1Host: www.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/distribution/latest/vendors.d049fb344a15489e568f.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/distribution/latest/microsoft.a64b2be15baaa46efd42.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /npm/@shoelace-style/shoelace@2.12.0/cdn/themes/light.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://apps.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /OneCollector/1.0?cors=true&content-type=application/x-json-stream&w=0&anoncknm=app_anon HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-timeOrigin: https://www.msn.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: same-siteSec-Fetch-Dest: emptyReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&w=0&anoncknm=app_anon HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 4619sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"upload-time: 1743518885737sec-ch-ua-mobile: ?0client-version: 1DS-Web-JS-3.2.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47time-delta-to-apply-millis: use-collector-deltacontent-type: application/x-json-streamcache-control: no-cache, no-storeapikey: 0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279Client-Id: NO_AUTHsec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=00A6765A51966F3C0016639B50E46E3E; msnup=%7B%22cnex%22%3A%22no%22%7D
Source: global trafficHTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1743518887473&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1Host: browser.events.data.msn.comConnection: keep-aliveContent-Length: 2979sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=00A6765A51966F3C0016639B50E46E3E; msnup=%7B%22cnex%22%3A%22no%22%7D
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.81.227
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.5.80
Source: global trafficHTTP traffic detected: GET /crx/blobs/Ad_brx3-BuL0c-lurTuHDvLGx_3o1po6xdCJ6biVPWmOWpEAIO3qQwYr84tWN8xt3Y-b4FBELB16YJo65m5b1LlifuobAPibVoX_4l94iArbx2Gsn4X-g9109tXuJL65PgYAxlKa5UnJV70rV6RKReARs98yYD2dVaKO/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /widgets/fullpage/distribution/edgewelcome?experiences=DistributionPage&ocid=edge-whatsnew HTTP/1.1Host: www.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/distribution/latest/vendors.d049fb344a15489e568f.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/distribution/latest/microsoft.a64b2be15baaa46efd42.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /npm/@shoelace-style/shoelace@2.12.0/cdn/themes/light.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://apps.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: unknownHTTP traffic detected: POST /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveContent-Length: 470Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundX-Cache: CONFIG_NOCACHEAccept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-VersionX-MSEdge-Ref: Ref A: 919216F7241F49DF857F9F817CD6E80B Ref B: EWR311000107035 Ref C: 2025-04-01T14:47:24ZDate: Tue, 01 Apr 2025 14:47:24 GMTConnection: closeContent-Length: 0
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49688
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow created: window name: CLIPBRDWNDCLASS
Source: classification engineClassification label: mal52.winEML@66/192@10/161
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250401T1046220682-6300.etl
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile read: C:\Users\desktop.ini
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\Desktop\Message.eml"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "513F85D1-2ACA-482F-987A-B4E0E0CAEEB6" "E944699E-23AA-4C22-8C53-0542AD00B42A" "6300" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "513F85D1-2ACA-482F-987A-B4E0E0CAEEB6" "E944699E-23AA-4C22-8C53-0542AD00B42A" "6300" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\821LMD6U\email.mht
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2036,i,15070367935257998653,18264982407909215260,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\821LMD6U\email.mht
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6376 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6540 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\821LMD6U\email.mht
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2036,i,15070367935257998653,18264982407909215260,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6376 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6540 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=5792 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=5792 --field-trial-handle=1988,i,5170991136022163255,1873732831651271066,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{79eac9d0-baf9-11ce-8c82-00aa004ba90b}\InprocServer32
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935} DeviceTicket
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile Volume queried: C:\Windows\SysWOW64 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation21
Browser Extensions		1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote Services1
Clipboard Data		1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
DLL Side-Loading		1
Modify Registry		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable Media3
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Process Injection		Security Account Manager13
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive4
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture15
Application Layer Protocol		Traffic DuplicationData Destruction

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

No bigger version
No bigger version
No bigger version
No bigger version
No bigger version

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1743518887473&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
s-part-0012.t-0009.t-msedge.net
13.107.246.40
truefalse
    		high
    chrome.cloudflare-dns.com
    		172.64.41.3
    		truefalse
      		high
      ax-0002.ax-msedge.net
      		150.171.28.11
      		truefalse
        		high
        a416.dscd.akamai.net
        		23.206.121.48
        		truefalse
          		high
          a726.dscd.akamai.net
          		23.53.126.12
          		truefalse
            		high
            s-0005.dual-s-msedge.net
            		52.123.128.14
            		truefalse
              		high
              googlehosted.l.googleusercontent.com
              		142.251.40.97
              		truefalse
                		high
                clients2.googleusercontent.com
                		unknown
                		unknownfalse
                  		high
                  bzib.nelreports.net
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1743518887473&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://clients2.googleusercontent.com/crx/blobs/Ad_brx3-BuL0c-lurTuHDvLGx_3o1po6xdCJ6biVPWmOWpEAIO3qQwYr84tWN8xt3Y-b4FBELB16YJo65m5b1LlifuobAPibVoX_4l94iArbx2Gsn4X-g9109tXuJL65PgYAxlKa5UnJV70rV6RKReARs98yYD2dVaKO/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crxfalse
                      		high
                      https://assets.msn.com/bundles/v1/distribution/latest/vendors.d049fb344a15489e568f.jsfalse
                        		high
                        https://bzib.nelreports.net/api/report?cat=bingbusinessfalse
                          		high
                          https://assets.msn.com/bundles/v1/distribution/latest/microsoft.a64b2be15baaa46efd42.jsfalse
                            		high
                            https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&w=0&anoncknm=app_anonfalse
                              		high
                              https://chrome.cloudflare-dns.com/dns-queryfalse
                                		high
                                https://cdn.jsdelivr.net/npm/@shoelace-style/shoelace@2.12.0/cdn/themes/light.cssfalse
                                  		high
                                  https://services.bingapis.com/undersideproactive/api/v1/triggerfalse
                                    		high

                                    World Map of Contacted IPs

                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs

                                    Public IPs

                                    IPDomainCountryFlagASNASN NameMalicious
                                    13.107.6.158
                                    		unknownUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    13.107.246.40
                                    		s-part-0012.t-0009.t-msedge.netUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    151.101.129.229
                                    		unknownUnited States
                                    		54113FASTLYUSfalse
                                    20.189.173.3
                                    		unknownUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    23.51.57.215
                                    		unknownUnited States
                                    		4788TMNET-AS-APTMNetInternetServiceProviderMYfalse
                                    23.53.126.12
                                    		a726.dscd.akamai.netUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    23.53.126.14
                                    		unknownUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    23.53.126.13
                                    		unknownUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    23.48.224.230
                                    		unknownUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    162.159.61.3
                                    		unknownUnited States
                                    		13335CLOUDFLARENETUSfalse
                                    23.206.121.48
                                    		a416.dscd.akamai.netUnited States
                                    		33490COMCAST-33490USfalse
                                    23.203.106.28
                                    		unknownUnited States
                                    		16625AKAMAI-ASUSfalse
                                    150.171.28.11
                                    		ax-0002.ax-msedge.netUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    20.42.73.24
                                    		unknownUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    172.64.41.3
                                    		chrome.cloudflare-dns.comUnited States
                                    		13335CLOUDFLARENETUSfalse
                                    13.107.5.80
                                    		unknownUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    142.250.80.14
                                    		unknownUnited States
                                    		15169GOOGLEUSfalse
                                    1.1.1.1
                                    		unknownAustralia
                                    		13335CLOUDFLARENETUSfalse
                                    13.107.42.16
                                    		unknownUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    52.123.128.14
                                    		s-0005.dual-s-msedge.netUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    23.206.121.57
                                    		unknownUnited States
                                    		33490COMCAST-33490USfalse
                                    150.171.27.10
                                    		unknownUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    239.255.255.250
                                    		unknownReserved
                                    		unknownunknownfalse
                                    142.251.40.97
                                    		googlehosted.l.googleusercontent.comUnited States
                                    		15169GOOGLEUSfalse
                                    150.171.27.11
                                    		unknownUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    23.33.40.153
                                    		unknownUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    23.219.36.110
                                    		unknownUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    23.33.40.152
                                    		unknownUnited States
                                    		20940AKAMAI-ASN1EUfalse
                                    204.79.197.203
                                    		unknownUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse

                                    Private

                                    IP
                                    192.168.2.16

                                    General Information

                                    Joe Sandbox version:42.0.0 Malachite
                                    Analysis ID:1653825
                                    Start date and time:2025-04-01 16:45:44 +02:00
                                    Joe Sandbox product:CloudBasic
                                    Overall analysis duration:
                                    Hypervisor based Inspection enabled:false
                                    Report type:full
                                    Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                    Number of analysed new started processes analysed:23
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • EGA enabled
                                    Analysis Mode:stream
                                    Analysis stop reason:Timeout
                                    Sample name:Message.eml
                                    Detection:MAL
                                    Classification:mal52.winEML@66/192@10/161
                                    Cookbook Comments:
                                    • Found application associated with file extension: .eml
                                    • Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
                                    • Excluded IPs from analysis (whitelisted): 23.53.126.13, 23.53.126.77, 20.42.73.24, 20.109.210.53, 40.126.24.84, 184.31.69.3
                                    • Excluded IPs from analysis (whitelisted): 52.123.128.14
                                    • Excluded domains from analysis (whitelisted): ecs.office.com
                                    • Not all processes where analyzed, report is missing behavior information
                                    • Report size getting too big, too many NtOpenFile calls found.
                                    • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                    • Report size getting too big, too many NtQueryValueKey calls found.
                                    • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                    • VT rate limit hit for: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&amp;content-type=application/x-json-stream&amp;client-id=NO_AUTH&amp;client-version=1DS-Web-JS-3.2.8&amp;apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&amp;upload-time=1743518887473&amp;time-delta-to-apply-millis=use-collector-delta&amp;w=0&amp;anoncknm=app_anon&amp;NoResponseBody=true

                                    Created / dropped Files

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0c289ad0-78bd-46f8-9f50-dfc2a59665d6.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):49063
                                    Entropy (8bit):6.096780366941259
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D8BA9F794D89CE0E09ED43642ADF6746
                                    SHA1:93204673AD7CD2041C025541B136D22C01A7C659
                                    SHA-256:1E59252B953EF8E3E2A7436A5654B0BF861C3FC1FC28431CF4482BC5E456F9BA
                                    SHA-512:E7F04432257DDA3DB16C0D3A2EC130E75487B4105EED57157B848672C64DD22568646983853003D20C0854F112B91A05A74356252BB1F5B7C1C85873174CEFA5
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1743518830"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\1dd491ec-41c0-496d-b5e8-2f7e47b7e602.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):58901
                                    Entropy (8bit):6.106793235290566
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:046E60550EB1E9231B2BC12B98B13B61
                                    SHA1:BAE107213205AD83021964043A4AE9F2D234D7B8
                                    SHA-256:63B09A29E4991AB49B41B61CD31827F69CDF6F1A73C528F150BD8E8190FFA0DD
                                    SHA-512:DDCF0D690CC1907B72F195D34029348BE1BD61624DCC49A54A1BD97EFF44D81469D60905ABF02DA4F1131E2BE1C73E8DCC3BD182D6AE0936AB3C6DA64D139BC7
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\492918fa-06d1-44ca-b0e7-3ba883558186.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):58057
                                    Entropy (8bit):6.106061014741872
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4eb07aaf-caf0-4f66-99d8-76bd2b1e763b.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):49095
                                    Entropy (8bit):6.096551420098351
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:EE36005B234A957684A1C7847CC817C9
                                    SHA1:CE709EB9EC55E5C38A88156A2091D0BC4ABCFA93
                                    SHA-256:D53A9CCE5DEB1C6E7D4C190851DE147D97C67908D9489DB62A369413A7B85D88
                                    SHA-512:9E834CD36BCB8508B4F3D41C8F382C0E8CA16183AE23712006610DCB6ADADCD673C0BAAD944B95D0A167E0781852A2C35E2EF2886BAC2FB1939FB2C972483C91
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1743518871"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9945e6e0-3cdd-4442-a5f6-dad751520f2f.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):49086
                                    Entropy (8bit):6.096627162717592
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8052BA647E46264D10EB84222068AE05
                                    SHA1:E36D41B4940D0787051AE758BAA473AA9B5BC34D
                                    SHA-256:4BD1985432AE54ED024FA07A3E3E3392DA99BA45233D1FA120E8A1A475ABAC08
                                    SHA-512:5B3FCF26C85E7E4D99A78612D622FEE6E2151C8C7F2FFF25CFC87C9BC9B6BC0F8E5CC40485B7A7879248472A9A8588330535A795B48100BC9FD5D75C53E44F6F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"0"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9c40dc82-2622-40b0-a206-29ba6bdc028d.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):49086
                                    Entropy (8bit):6.0966292920756455
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3A91F66758A4FB390D4DB5479D2D2E78
                                    SHA1:0A87C1D767808AF4D4559B2E80B67EFA0E2C8AEC
                                    SHA-256:4A82E47934005B8BFCA556F1A4E62342769D5EC04C66CEAD369841EA67462EC9
                                    SHA-512:120BE3A57D18BED2992148A7BEEF4D652FB17B16A399E7A42AF3456462CF4BD8A43A3A156146E808BBCEB1B3FFB66F9C9BFB66B013AF47B77B80E84781AEA108
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"0"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\738c2390-86ff-418f-996b-bed6ce0961ae.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):107893
                                    Entropy (8bit):4.640137257437767
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:7129D4BC1D980217D137BA5631FDBB5A
                                    SHA1:DDDC2B18DC0AC8E3821605EEDC7ABA53E0996218
                                    SHA-256:C9EE27A10E08696ABCECBCABE93C043602C809B73289013B9CD82B95C023C272
                                    SHA-512:3415532083D5BD995F369CBA228358C1EA74E62237E2945C82591535EF9FDA29BC66198A96AE12B80EA2B6634AE1DDE01F0B73163697D5CA1F4FC8FD13348623
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:7129D4BC1D980217D137BA5631FDBB5A
                                    SHA1:DDDC2B18DC0AC8E3821605EEDC7ABA53E0996218
                                    SHA-256:C9EE27A10E08696ABCECBCABE93C043602C809B73289013B9CD82B95C023C272
                                    SHA-512:3415532083D5BD995F369CBA228358C1EA74E62237E2945C82591535EF9FDA29BC66198A96AE12B80EA2B6634AE1DDE01F0B73163697D5CA1F4FC8FD13348623
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67EBFC6A-16E4.pma

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):4194304
                                    Entropy (8bit):0.49620773799850026
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B08DC08E2A9087478EB9DAC65478506D
                                    SHA1:7DA1ABA07CD661900D5049A942B74BECC691B749
                                    SHA-256:F7F417708D6780BDD4181FE30B3313F4FB03700AC166653948DDF7EDE7DEB292
                                    SHA-512:D8F51EA70FF2A5E18328E134D7637637441EAB0386F175697DC4B8B0AE2686ED1335FC869D19BFBFB532A916602933F6D88CF54CDA0D5069B7AB30803009CE7C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:...@..@...@.....C.].....@...............(...................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....u.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?.......".dnhaev20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J...I.r.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............2......................w..U?:K..>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....+....W@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z............<..8...#...msNurturingAssistanceHomeDependency.....triggere

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67EBFC6A-AF0.pma

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):4194304
                                    Entropy (8bit):0.040783957935352444
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:6D34067EE38D882B3E650EBC861F50F2
                                    SHA1:04C2FC8753691EB6C29729BF3FB6731CA96C8F95
                                    SHA-256:5C2B649F074A5186C8A2A70B3284D0628B3D611CACD3D3EE0255F2AB3F971AA6
                                    SHA-512:A8991FB1C18A4792C24E59A0495ACA6D963D8791E9FFCA10A4F4DBF6AD265D96EF3DBA4FCE8815D4C2279B6CB7E4C8DF5FE887E24335247823F02A028B806D83
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:...@..@...@.....C.].....@...............Xb...R..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....q.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?.......".dnhaev20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J...I.r.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............2......................w..U.>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....+....W@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):280
                                    Entropy (8bit):4.198940907185536
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:50D401BF61D47BBBFB5EEEDB7EBD56E6
                                    SHA1:5704BDA016CB7A4E326B49EFAE45833069A1770F
                                    SHA-256:C05652FE06E0101C007396179E4AED57702E2A2ECD5B30DF1B8BB674BEA5A05C
                                    SHA-512:44EA6CDBAC4DB208F9EC633D9485A5A9D72A51F5FF06C17F34EDCEFE36F160A866C6E311C8F7B76CAA5BCDC731CDD59C1E1022B7AE107367F74095739248B2E0
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:sdPC......................z....K..s...x."DmHYrCHlc5lFyRGUq62R3qS1k3Ui6rBGmzkDnx9Vsbw="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7dc5f755-0f90-4102-bc8e-37d02917bdc7............

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\06e09dc7-5707-4fe7-974e-337478ca1506.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):14032
                                    Entropy (8bit):5.266254992277846
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C76510708A774967B9D116BEC94E2617
                                    SHA1:603ED0726127A44B9F30A6F3FCC56C63300A79D1
                                    SHA-256:1086AC30FE7F63DA3EA46B2DC2087187EA06AD0FD3A03939EB118050912F6616
                                    SHA-512:309929A97948514DDA4F9A590876508456C517CBBF80E15B9FE6A0E41F387357588D622BD961CBFE0435CDA3D37E7440EF3BF902F1F6FA9B10D4710C0970BCB3
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\2ffc5f22-ef9e-4042-9441-388a23e9a5b9.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):39660
                                    Entropy (8bit):5.5623902938784875
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0F7B763C10D45A9A4FA04DE0280A86F5
                                    SHA1:947A701E070821FD926EAA17B85F21D039926FEB
                                    SHA-256:8248BB92D3FD5470E442D5DE22F92041A31E72886C0CD7B8CD9B879CE463EF14
                                    SHA-512:0249F73B74DDBC54FAB046C151C26165C69ACF2549F7D121449C4B137239428A63AAA1F1D9C426FC6748C25393CEB8257FC1AF520B3B5C01E29E0D9B379CE8F3
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13387992426904873","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13387992426904873","location":5,"ma

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4042e07f-fe5b-4fed-b524-3836196b7a13.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):37816
                                    Entropy (8bit):5.556021134573976
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:067699A0B73DB4CB10CD399262C41F4C
                                    SHA1:F224A09BD8FE26464910D1359565E58F18BF91AA
                                    SHA-256:BCC1846C6DBE4BD811D6DC3F0F975306F1521E5829EBC438128F7F0A4877109E
                                    SHA-512:78CD6476F6ADFC3B14646060025D238681BDB42DDB378DEBA264D551746CFC12F2B97CD8FC5DD785691510417AD05ADFDEDA6614E80CB5C2D64F7D98ABDC8A5C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13387992426904873","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13387992426904873","location":5,"ma

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\55c82c79-7257-4ec5-8ae8-720050d0fe9d.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:modified
                                    Size (bytes):13705
                                    Entropy (8bit):5.263099111021722
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E5946905EB3E466E9546BE0AF610A478
                                    SHA1:0951BEAEF8879D6301D078322C12C34AAC498F97
                                    SHA-256:D9AB7B9FA878AA263360589CB89A81FC6A5DF554B9F8A61C07D76F17B2CEBBDB
                                    SHA-512:062C82DE07CAAC2CEBF1DC7F2CBF59DAB61B07D2202E58C4286281C74CE0E86C136823C178A884009C9CC29DFB4EE470DDC52DA8DB4E98F8D9E3D7A092D4105A
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\59f612ad-48bd-41ef-b4df-ecd8609be2a0.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                    Category:modified
                                    Size (bytes):115717
                                    Entropy (8bit):5.183660917461099
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3D8183370B5E2A9D11D43EBEF474B305
                                    SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                    SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                    SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\72fd6c7b-7db5-4546-b257-8c77116ec4b7.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):12126
                                    Entropy (8bit):5.185021024010183
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:modified
                                    Size (bytes):2163821
                                    Entropy (8bit):5.222884820053901
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:4BA99CBAA64AB4CEDCDF1DC07CDFFCF6
                                    SHA1:B5F6B73779CF29B969B312753D315C4BE31B4A89
                                    SHA-256:CBB5BE3DD10208877F653CD9ED77037D6135863AFE65030E6B8C66FD580ECEA8
                                    SHA-512:4D76FFFECF88D2F3F7E831474FB60D62E20B5A81845D7FCD902AC1C61E7870AB4D01DE35E2447338FA9E07ECFA40BCCC0F9166300E4CB564A8E43DE2BB29D5CF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:...m.................DB_VERSION.1...8.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13341056840624329.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):329
                                    Entropy (8bit):5.124596051400579
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:68F55DB004FFA687590017338B5FABFB
                                    SHA1:668A2E0500DD5A53D867E7A8B7DB05BFC4020D62
                                    SHA-256:8E55EA933F0070560423BAFE0ABEAAD560E88691B09809620F1493AD5B1D4617
                                    SHA-512:E8FAAF89D61E0A39FD488F0C8830831AB28A20730142FBCA6F471314394A15B40624763480A26D9FB03870F62EEC8930380E8CE3CE45008FE825A89186FFA1E2
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:10.137 924 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/04/01-10:47:10.139 924 Recovering log #3.2025/04/01-10:47:10.283 924 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                    Category:dropped
                                    Size (bytes):28672
                                    Entropy (8bit):0.476670193077648
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C82059E1F1F19B5F46CC04826A37737A
                                    SHA1:6D7E524D20A9A6BFF2470316CCC25A9A34CFC67C
                                    SHA-256:F75398387E3F7FE4A30FC5CDF80BC9537B05B67C7FC4C5A453CA1F468DD21874
                                    SHA-512:9940F59B7AB46D3595B82358ABF1F5B887AB7900BDAFCBE42BA026AF973978F9BCE59441BBB54C5733E3C812F4F0DEEEAB8D84207F5EFEE91A0E5D80802FC7D8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                    Category:dropped
                                    Size (bytes):10240
                                    Entropy (8bit):0.8708334089814068
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                    SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                    SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                    SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                    Category:dropped
                                    Size (bytes):8192
                                    Entropy (8bit):0.01057775872642915
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                    SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                    SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                    SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):270336
                                    Entropy (8bit):8.280239615765425E-4
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                    SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                    SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                    SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):8192
                                    Entropy (8bit):0.011852361981932763
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0962291D6D367570BEE5454721C17E11
                                    SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                    SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                    SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                    Category:dropped
                                    Size (bytes):262512
                                    Entropy (8bit):9.553120663130604E-4
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:45D7BD251A45A968934FC4B49346C46D
                                    SHA1:C6AB15194990831422405770959CF014A32750DC
                                    SHA-256:3DCA8E886BA01F0719D9466C03A1A1383DCB4B5B5CE86F7A1FAB50397F4C0F0D
                                    SHA-512:7C0D0ED858557A511527AA2CE157716E31889053327158BEEF187DC2EBB0A2EF5600CF869F664D08AE8B5A2045E7C13C74BE1071E7308AB833FC397B0A7C52E4
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.........................................t..N./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):116
                                    Entropy (8bit):4.994010050744163
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A105E51FE00336B6E15773C6527E666B
                                    SHA1:2DB0F6E166BDB55F73C77B649542B9810041B35C
                                    SHA-256:4D04DCB4BEE7F0510E10B56602A004B99C94E7C8184058CD1AF09B27E16D2AAB
                                    SHA-512:723027F9076E2370CD04EFF88613CBEFF1BCBD721168E7BF53F2EE68E0E6EAF04205FC5D7B177D3BCF37E39A4890711068D3FEB106215FE5695E1ABC6AD2FB7D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:...m.................DB_VERSION.1g.YL................FLYOUT_STORAGE:.{"personalization_data_consent_enabled":false}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):341
                                    Entropy (8bit):5.20403058016647
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:77B3B22833212193BE1328246E995F11
                                    SHA1:ABEE37E0699ADD3EA6FFD4E573CD49528B2FF109
                                    SHA-256:F3D9776272A36117CA3D1DDCB090A4B79A5E50C5963B2B2137BB9642E7D0ACD8
                                    SHA-512:B2EA8125EA0A1F07DF210575E319BBBF6208A5EC98A3680E1F5E0219263C153317CBC207D0089CF04E057189973155678D531F027C74508543515863DD6B0112
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:06.939 494 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2025/04/01-10:47:06.941 494 Recovering log #3.2025/04/01-10:47:06.941 494 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                    Category:dropped
                                    Size (bytes):20480
                                    Entropy (8bit):0.6135743433831548
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:95C88F043BC7420884A4C857804048A1
                                    SHA1:E7F46696E8C5E5226F7425E262CE713E883329D9
                                    SHA-256:8ED2A49706258B9D04112CAEEACA91FDDC8C7671382DD89FA281BF2D9FF4FDA4
                                    SHA-512:E6B3BAD78DCB129F6A646A0BB5DDCB991B3F7CAE81EFC90FEF3C89CEAF9081F6D290EC565B460DE9E655D1A973BA11D461681EB39FD8FAC0071E1F2A03AD595F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):16
                                    Entropy (8bit):3.2743974703476995
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:46295CAC801E5D4857D09837238A6394
                                    SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                    SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                    SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:MANIFEST-000001.

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):375520
                                    Entropy (8bit):5.354069683971643
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C61F1B1737E7AA6424949250A0BA8F2A
                                    SHA1:940052B4DE580909F83A01D37B870EBCAAB99402
                                    SHA-256:5855D2A42D515F9917B945F2C425D68670D3F0EDA7036512AC185F1A5F22849A
                                    SHA-512:15344321FD21AC13C396CB9DF77C43E35850FA05D00B79CEAECCD028D511165D88238C278D55751175C7B244F4349B66E4597DC7C112743BF43C2EDCFD7088E1
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:...m.................DB_VERSION.1mS.7q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13387992430709826..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:46295CAC801E5D4857D09837238A6394
                                    SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                    SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                    SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:MANIFEST-000001.

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):307
                                    Entropy (8bit):5.1278715842168054
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:21AC7868783F74969E93A88F5A0BEF09
                                    SHA1:122BC8EE6F3188661EAF552651A2C0B0C3E19C5D
                                    SHA-256:30E88A6AE46E18AA8E128C650C7236C3F2C6C969AE4D6069FFD09532693D04BD
                                    SHA-512:F53A3F183BFF45A9E4D44EAC807DBA7CCA8B2706A7CCEE8902381AABE19FB0B8DE45003B92C5DD877E388414383B7CE527051B1D461107291813653142C7F3DA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:10.183 14a4 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2025/04/01-10:47:10.230 14a4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:OpenPGP Secret Key
                                    Category:dropped
                                    Size (bytes):41
                                    Entropy (8bit):4.704993772857998
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                    SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                    SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                    SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.|.."....leveldb.BytewiseComparator......

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:modified
                                    Size (bytes):358860
                                    Entropy (8bit):5.324606111337004
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:46375D665B0C7E33DA00A3E4E2A65DBD
                                    SHA1:ECB7A3795476F00698C8F489401612817FC3F2CC
                                    SHA-256:0CADBD16A0819F694436BBB5EDB608BAA8BA4E24B8B7FA20FA4A48DF445163B1
                                    SHA-512:2E38084F2CDF84D1C1F9F238540A14DBE637CBD825CE98EE03F04BE0E15A70F1630E5CFFC29AFCCD2633E24B96A4E7072C01BC21FD8F5ABF04345F429FBD61DF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):317
                                    Entropy (8bit):5.170710047315915
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F9BA4E2182B72BDBBA068E579DC85B3A
                                    SHA1:EFEF7C1ED25C94FCD1796CB16499E69A52C15CB8
                                    SHA-256:671377D9E9AD3FD7F1CE6FC0E8D7447B0BA43C1952F7F1ED3EAD3F86E02523A6
                                    SHA-512:1FEAF07278B246B3045A83DBACB824241ACDC59BBBCE2CA9D3D1FF422804F9B09377588E4148D6F4C6A384E6E4F29A50B9848BFC9153B448DF50FB36CEF75D74
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:06.923 5c4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2025/04/01-10:47:06.924 5c4 Recovering log #3.2025/04/01-10:47:06.924 5c4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):418
                                    Entropy (8bit):1.8784775129881184
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BF097D724FDF1FCA9CF3532E86B54696
                                    SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                    SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                    SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):321
                                    Entropy (8bit):5.192926127059849
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:90C450C53D86ACBE8E1A2CF7953B6F53
                                    SHA1:F121C2E2AE974ADA35AC8F306801D04FEBC04E14
                                    SHA-256:1CBC44621AD38F0EEE56B23960CAF59321C906D9CC78FAE19A912B0B94B27D9D
                                    SHA-512:E31B2133DD652ADC6713E2AD9C5D85075F44255AB8CE928C72B1D5C66E6C42CF4D8D5637D6A3C7BAF85034194FA6E23CB4C61FD909CB3B0470670C281DFA3440
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:06.928 5c4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2025/04/01-10:47:06.929 5c4 Recovering log #3.2025/04/01-10:47:06.929 5c4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):1254
                                    Entropy (8bit):1.8784775129881184
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:826B4C0003ABB7604485322423C5212A
                                    SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                    SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                    SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):317
                                    Entropy (8bit):5.179100743536093
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E1ADA1A99642455B2813DBC2C7155230
                                    SHA1:6299079ACE48898FDB23F75BA6987334DC4A21C2
                                    SHA-256:0A654137C48AE9AD54F4865AB3111D3B535695698815BD4DA5A9D55DE4ED6E62
                                    SHA-512:5DA477650F8F016680012593F8483434A416E17189C585EA0E0A1FF48A54370BA733AA9A9FE567529CAC11699D0D114E0FED957331653901D46AB96AE1D6BF50
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:07.685 884 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/04/01-10:47:07.686 884 Recovering log #3.2025/04/01-10:47:07.686 884 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):429
                                    Entropy (8bit):5.809210454117189
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:5D1D9020CCEFD76CA661902E0C229087
                                    SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                    SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                    SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 17, cookie 0x8, schema 4, UTF-8, version-valid-for 3
                                    Category:dropped
                                    Size (bytes):36864
                                    Entropy (8bit):4.407640255484458
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:613A82172AA73D3C544EF4473AE801C8
                                    SHA1:FDC6F278C32B1209F68799843E102884F0F39020
                                    SHA-256:37172A45041542D7BC8CADED208BAFD72C5AC59817300CEBC02E5032066FA372
                                    SHA-512:6DB5A26CD8DABABDC126863E5CD560602402326EEC7A4ED8CABB989734812C9A6D8007B46EEF9CBAA97F998CC3D15D707C6825407B37575480EBBA8554BF804D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):8192
                                    Entropy (8bit):0.012340643231932763
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:41876349CB12D6DB992F1309F22DF3F0
                                    SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                    SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                    SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                    Category:dropped
                                    Size (bytes):262512
                                    Entropy (8bit):9.553120663130604E-4
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:395B7955FDF4C09993B4C1FC4B5D98F7
                                    SHA1:56E91E6E074482DE5AA83BB676BE91E32576CAAE
                                    SHA-256:7398C004648809E677334AA8ED1AEE72FFEF0391B18AD0F0393B5069B8770270
                                    SHA-512:D2ADE81F60AC080AB1CE8D93AF164CD1C59694E299A318CF26F81B1533637270DAFFD76E0572308EB777D52B84091E0A396BB6CEFDE3B7148E924E4C03B3BA6B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:........................................?...N./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                    Category:modified
                                    Size (bytes):155648
                                    Entropy (8bit):0.6895209563054249
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:4A57109E7B70C0C2AB7632EDD75EE18D
                                    SHA1:EE1180FF79E8DFE378F927612B827FB54C649DE9
                                    SHA-256:CBE95C6007482F318F863D95177C2DECC9763E4098722CA2F2F72A83A4832BE0
                                    SHA-512:B133415D41408595C4DB1374F8FC88460C0C896C58B0DC1B3FEAA1AC1B97965D9ECE0AB286D5136A0CA05FE7E1E0486191EC51D9212C4DBE6885A49FF78FB9EE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3D8183370B5E2A9D11D43EBEF474B305
                                    SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                    SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                    SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                    Category:dropped
                                    Size (bytes):45056
                                    Entropy (8bit):3.54893738694675
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:1A0FCA410A67423B7C26022E7E78E3F9
                                    SHA1:5707E4B6DE04154957BA2D2BE0EEE41F6A661829
                                    SHA-256:1BD63CC89701CA5209E1975D32EE3D88420FBDC0657D5BBDC1D7E33D88E766DD
                                    SHA-512:D0B701F0622B965A40DF9F8F527A963F63472E171958982BE16B7D3D65B282DF57AF092ADC05A9B34EEBC217E8DD6CE1C90804A6FC6B40A1937C688A805666DE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):404
                                    Entropy (8bit):5.2564993176104045
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8C7AF4FE1270442AED0281B0D3060890
                                    SHA1:49861A215D5851BC10AADDDDEE87BCC54F0E5501
                                    SHA-256:9AC410619FF3A69F9C77FE90E765013EE22590FA1CE59BB827047A025EF0E873
                                    SHA-512:7F5741D8F63BEFBD8E52275134F636CF2ED4488D00F40677D07D00BBF18220730197FA86F8E497BE93BAB1F2710E16452D0F1DC8307EEDE48FCA42D423F2FC6C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:08.434 1af4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/04/01-10:47:08.436 1af4 Recovering log #3.2025/04/01-10:47:08.436 1af4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:OpenPGP Public Key
                                    Category:dropped
                                    Size (bytes):480
                                    Entropy (8bit):5.663078082542004
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8A247C492C72110DF52121814BB535C3
                                    SHA1:4FE229DC0C1A81668286D950C8CF7B86FFE6E694
                                    SHA-256:606EDD42B1D603FBB2B79B76016298002890BE8464B751BB05A15A31E6ECFBAE
                                    SHA-512:02B4E4408A28C449238FE37EB14AEA2037F5D37B13269723BF00C7AFDA7B373FE7F5097F004D0791EEF75D32DEEF7BC02AB68B2497E27A94CB08DAD84ADAEFB9
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:..v..................VERSION.1..META:https://apps.microsoft.com.........f.0_https://apps.microsoft.com..exp-session-expires..Tue, 15 Apr 2025 14:48:05 GMT.+_https://apps.microsoft.com..exp-session-id%.7b546b0e-ffea-4e34-b20e-6317d30464b6..<V.................META:https://www.msn.com..........,."_https://www.msn.com..pageVersions..{"edgewelcome":"20241115.431"}.O_https://www.msn.com..Tue Apr 01 2025 10:48:03 GMT-0400 (Eastern Daylight Time).!_https://www.msn.com..storageTest

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):332
                                    Entropy (8bit):5.094183046951793
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:AEFE1BF8F6A080201992B85C8EE9D08F
                                    SHA1:BCE0A9CA2671D2B076D8BDE8004E5D5BC9AF9290
                                    SHA-256:C9142390A95D5026D3B81D31E32CA7DEA5DB0764510FCBFC9C3A0457FB367B61
                                    SHA-512:D36FD74C0D59662B951703CCF4786455DCEBDB2D517BF9F6102EFD5A4E7E9CCCCE1FE9AF51B98E62D1C670ADF353F6E3CC4B84D21DC6C990AA454A36C92E673E
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:07.024 1b70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/04/01-10:47:07.026 1b70 Recovering log #3.2025/04/01-10:47:07.030 1b70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\25e7e871-ad20-4cda-af2f-b17c7271b826.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):40
                                    Entropy (8bit):4.1275671571169275
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:20D4B8FA017A12A108C87F540836E250
                                    SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                    SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                    SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\5fa151fc-d204-4dad-805b-e2c0832152a9.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1605
                                    Entropy (8bit):5.280932036230511
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C405AF67E3B7B9CC46E2604442DB9C51
                                    SHA1:95C1D827BE54102CA390C466CD6E8475944F08B0
                                    SHA-256:2235BE87544DED247A4B3EA27DEAF961878BF8E3F4A8E48BDB9049EBAAA8A914
                                    SHA-512:D77F83B160B7C2D62A07707F01B6C1B982C0B15FC7B5D826D1C9096E1F25908350D2464D4A320A1BB817DFA6DE77B55917265991FE74E1A9486894354D4EA929
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13390584428287259","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13390584429014886","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13388086048655650","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13388086049652883","port":443,"protocol_str":"quic"}],"anonymization":["FAAAABAAAABodHRwczovL2JpbmcuY29t",false],"network_stats":{"srtt":95479},"ser

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:285252A2F6327D41EAB203DC2F402C67
                                    SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                    SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                    SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF374e3.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:285252A2F6327D41EAB203DC2F402C67
                                    SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                    SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                    SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                    Category:dropped
                                    Size (bytes):36864
                                    Entropy (8bit):1.1145891494069322
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:650D74F66A445DEBC8A11CAC08883793
                                    SHA1:28F2F246F42817BA4761D6B24838C5071A6934B2
                                    SHA-256:75A3F6E501D88B9F1EC731D7C14061A41C7CEC2EB49669224015D5E24D126040
                                    SHA-512:7AA13707F2D97AFED49CE07126A08E3C7FDEA57CFE513056D1054086D6FC8E5B54376017C434185AFDC965AA0AB882645D47BD7D11CFA5471CD1591D4DD7278F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:20D4B8FA017A12A108C87F540836E250
                                    SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                    SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                    SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Token Bindings

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                    Category:dropped
                                    Size (bytes):20480
                                    Entropy (8bit):0.4716248163409303
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:72E9D82D6C1742197EEA43EC203C6825
                                    SHA1:275AE552E437747FD707962111675AA2C8DEEB0F
                                    SHA-256:0DB0BA239E0421208146C4FBB809F2DBD960019FE4F4EC4CBC894C29627DD759
                                    SHA-512:C62C7C0C9BBE1CFAE2FEF39FBDF70BB5316713D87453096676BD854A19FDD8BC62F1608F8BE3602AD8770B94C13FFE5A9516F05A95548615CB78ED9CEADC7EA9
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j.......q..g...q.0....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e15d0b0f-b469-411f-845f-0fcce0ffc8e0.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):111
                                    Entropy (8bit):4.718418993774295
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:285252A2F6327D41EAB203DC2F402C67
                                    SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                    SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                    SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                    Category:dropped
                                    Size (bytes):20480
                                    Entropy (8bit):0.5743529459392946
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:558A3F8C86B4E6580B54E8F7FA7E3DAF
                                    SHA1:BE2CA20287B762D66037530A721A825786816845
                                    SHA-256:4821B776B0FDC4190DB1B261174F6C2D664DD45F3C0D77FE359D7B63FF64609C
                                    SHA-512:BF743179D9448C8BF2256EEA447CD43FB1440C620CD57F8C72A71BED0995F2590FAE177426AF38211E9ADEADD3A0A023AAFA91517907F1AFF5F3A7794CBFD143
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2c77c.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2efe4.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF31d1e.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF34864.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF37c36.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0BEF185D936D8798DF98212E70B4A468
                                    SHA1:E6E0838CD88F89AF00C66C9ACC6EF3292B7CE90A
                                    SHA-256:2513C0F8FBDB2508DD8CE461518820048FC15962A9FEB3CA5211E0B31E202BB3
                                    SHA-512:2FCF8B8EB3150BEE893EB7874550525327630526D7118F6E158813C4A3BA0C3624485D61D379A7714CEF908D10470D867AA2D076EEBE43D1AFB1CCDF217F6EBD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:067699A0B73DB4CB10CD399262C41F4C
                                    SHA1:F224A09BD8FE26464910D1359565E58F18BF91AA
                                    SHA-256:BCC1846C6DBE4BD811D6DC3F0F975306F1521E5829EBC438128F7F0A4877109E
                                    SHA-512:78CD6476F6ADFC3B14646060025D238681BDB42DDB378DEBA264D551746CFC12F2B97CD8FC5DD785691510417AD05ADFDEDA6614E80CB5C2D64F7D98ABDC8A5C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13387992426904873","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13387992426904873","location":5,"ma

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2d864.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:067699A0B73DB4CB10CD399262C41F4C
                                    SHA1:F224A09BD8FE26464910D1359565E58F18BF91AA
                                    SHA-256:BCC1846C6DBE4BD811D6DC3F0F975306F1521E5829EBC438128F7F0A4877109E
                                    SHA-512:78CD6476F6ADFC3B14646060025D238681BDB42DDB378DEBA264D551746CFC12F2B97CD8FC5DD785691510417AD05ADFDEDA6614E80CB5C2D64F7D98ABDC8A5C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13387992426904873","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13387992426904873","location":5,"ma

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):8758
                                    Entropy (8bit):3.609795956118431
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:20E9D4E85EEDA66D46BB98AC62F99EB1
                                    SHA1:03BBD7D86145DE560179CCBF0D906DB19D8D0D7C
                                    SHA-256:C853650D004A33CBB9ABCB9A8DE903A2FB21045FD86A01BD67582D8E58B1D750
                                    SHA-512:1163174838DE7F34AE3D2D986B1C901C5F2318B5573B0F92C33294B25A0B562C712B0AC6D84785BD22F7ACBD001F10133B268F198156C62680FAE557C87D3800
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f...............Uh..h................next-map-id.1.Inamespace-90218e02_fde8_4ad8_8ff8_289a63060545-https://www.microsoft.com/.0V.e................V.e................V.e................V.e.................hj.b................next-map-id.2.Cnamespace-90218e02_fde8_4ad8_8ff8_289a63060545-https://www.msn.com/.1...i................next-map-id.3.Jnamespace-90218e02_fde8_4ad8_8ff8_289a63060545-https://apps.microsoft.com/.2..<x&............... map-2-exp-session-flags-en-gb-US..{.".c.o.n.t.e.x.t.".:.".6.1.4.6.d.0.1.a.-.e.3.7.0.:.2.6.3.1.3.;.f.1.8.d.e.7.6.e.-.b.c.5.3.:.2.6.3.6.2.;.5.d.a.d.a.d.1.8.-.e.e.4.6.:.2.6.3.6.5.;.c.g.2.c.g.4.2.2.:.1.6.0.2.6.3.;.".,.".s.e.s.s.i.o.n.I.d.".:.".7.b.5.4.6.b.0.e.-.f.f.e.a.-.4.e.3.4.-.b.2.0.e.-.6.3.1.7.d.3.0.4.6.4.b.6.".,.".s.e.s.s.i.o.n.D.u.r.a.t.i.o.n.".:.1.2.0.9.6.0.0.0.0.0.,.".v.a.l.u.e.s.".:.{.".d.i.s.a.b.l.e.n.o.r.e.f

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):320
                                    Entropy (8bit):5.136461398461535
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:847206A8B8383C14787B8C43FB66BF1A
                                    SHA1:A39C27C4261138989BFC215C3053728936E4310D
                                    SHA-256:59428C3F0461A836994A810518021D7C184A154192163131750D64356BC27D04
                                    SHA-512:CBEB827436CB8A7D5DF8113BB002DAEF0256E23F2749140187BE8A23E85161F0BC03C1C5703C8759D88E1B180AB725C49D21902A7DCC1116905C1E1BC650D646
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:07.556 1b70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/04/01-10:47:07.559 1b70 Recovering log #3.2025/04/01-10:47:07.642 1b70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13387992429406158

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):17814
                                    Entropy (8bit):3.7425407027493387
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:EB425AA881FC87FF6A8FEC1A95C43056
                                    SHA1:65F830F9B36204AA03CD6F56C5A96FF0CEACD4C9
                                    SHA-256:FD255E0C106EC2E8AFA49EE5BD39CA417D8B4CAD237100854AD6346941EA2BAB
                                    SHA-512:D3362664BB81DD19A4A85DB5B9B02F323E135F5229A83AEC2078C99F48790313F8315DAACB757BD5ED2C9A04ED49FD7288CFEE0AFB1A6A5FF48BF0EBE4D7FF5E
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SNSS..........]..............]......"...]..............]..........]..........]..........]....!.....]..................................]...]1..,......]$...6b4b8748_13ed_4cdc_9270_38d413a05dc9......]..........].....J............]......]..........................]....................5..0......]&...{4378C673-0E80-4F61-9FD7-A34963B93441}........]..........]....1..,......]....b...file:///C:/Users/user/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/821LMD6U/email.mht..............!...............................................................X...............`...............X........|d..1...|d..1......................................................................................b...f.i.l.e.:./././.C.:./.U.s.e.r.s./.c.a.l.i./.A.p.p.D.a.t.a./.L.o.c.a.l./.M.i.c.r.o.s.o.f.t./.W.i.n.d.o.w.s./.I.N.e.t.C.a.c.h.e./.C.o.n.t.e.n.t...O.u.t.l.o.o.k./.8.2.1.L.M.D.6.U./.e.m.a.i.l...m.h.t.....................................8.......0.......8......................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13387992489170575

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):4654
                                    Entropy (8bit):3.5092756606739717
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:4710773B335B1F5468E934666C342477
                                    SHA1:294FCF4BB13FE6A7ADE0BD2E1CDE3108E1A69C55
                                    SHA-256:8B1014A4AD695EE342E5C6648B3A890C7E1CB201581AE6CB80373DC97C497D33
                                    SHA-512:70777E0BB7C702A849284DA0B5ADCA1C8A8D2BF6FA0F2011E37FFE60C748E54B7F43603FF3D7B4F516BB4867E7710D5AF72906BCC9B9F45C81FE939B74B2592F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SNSS..........].... .l.N./...........]........edge://welcome/.....W.e.l.c.o.m.e...T...P...!...H...................................................................................................J....1..K....1..................................X...............................................&.......e.d.g.e.:././.w.e.l.c.o.m.e./...................................8.......0.......8....................................................................... .......................................................P...$...9.1.6.b.1.4.d.4.-.8.2.5.b.-.4.3.8.e.-.b.8.3.8.-.4.c.a.8.a.0.0.4.8.d.8.a.................P...$...a.3.7.2.c.5.5.f.-.1.a.8.d.-.4.f.8.8.-.b.1.4.6.-.f.b.9.e.6.d.8.c.d.3.4.6.....................edge://welcome/........N./....................N./............N./...................].....x.N./...........]....Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47...........................Microsoft Edge......117.....

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                    Category:dropped
                                    Size (bytes):20480
                                    Entropy (8bit):0.44194574462308833
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B35F740AA7FFEA282E525838EABFE0A6
                                    SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                    SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                    SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):112
                                    Entropy (8bit):4.791674242577557
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3E7678708A03351D393A669CEA1840A2
                                    SHA1:5E72135F1BC9C99F60F184A68D94B6D3D4D9B893
                                    SHA-256:E460E121238D1D45FD5FF5B2A6B2C2B8DD21907B213227B711453CB82FCB609A
                                    SHA-512:92546AC6EBFB4C3F54B9429B00D74064F0A32830D0D6D4364E9301E1103F6206C5C2EEBF879CAE3FC09604AC6022329A8D2787D32BDB253BF62D8DBA73851296
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.On.!................database_metadata.1.'t)A............... c439589400212f33bcef65939bd8c69f..........$...$"..$

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):345
                                    Entropy (8bit):5.149912036426161
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:28F79256CD41818CA80E3A0EF176966D
                                    SHA1:7CFD7A431B51C27AF594EFE68990C61B60299A42
                                    SHA-256:92C26D42B15EDA43AAAC2AA271300871FA997B304E93B6F99201A28F4AFBF1DC
                                    SHA-512:2AD046B01C407367734040223845E8510FF5E6CE4153EA1082F8EEB66EB4A58E946DFAC731FF10CF74DF7522D3B53A6AFDC600FEF4A548340CF669FAF006CB66
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:06.919 884 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/04/01-10:47:06.920 884 Recovering log #3.2025/04/01-10:47:06.920 884 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):270336
                                    Entropy (8bit):0.0012471779557650352
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                    SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                    SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                    SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):430
                                    Entropy (8bit):5.187240713890075
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:516544F6708419FC4CE390184010F70C
                                    SHA1:4C4A886C9EF41058AF60280C255C06D53261D072
                                    SHA-256:349F838FA970FB7A66C04E7044ADEBA66B4409695252CC5DFCE824CE5FD5B2F2
                                    SHA-512:C5B1F04A6764EED39D515329F35517C1F7FE161C68290A6B80C8BEA41CC2DE346739D062C881BC2B0EE59F95EFADCE5409E18D671779E39B9DEF3992C67FC313
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:07.704 1b4c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/04/01-10:47:07.706 1b4c Recovering log #3.2025/04/01-10:47:07.737 1b4c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\63599dc6-916d-4f0b-8e35-4fe471aa1ab8.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2
                                    Entropy (8bit):1.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D751713988987E9331980363E24189CE
                                    SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                    SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                    SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:[]

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D751713988987E9331980363E24189CE
                                    SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                    SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                    SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:[]

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF28582.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D751713988987E9331980363E24189CE
                                    SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                    SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                    SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:[]

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                    Category:dropped
                                    Size (bytes):36864
                                    Entropy (8bit):0.3886039372934488
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                    SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                    SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                    SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):80
                                    Entropy (8bit):3.4921535629071894
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:69449520FD9C139C534E2970342C6BD8
                                    SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                    SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                    SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:*...#................version.1..namespace-..&f.................&f...............

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):418
                                    Entropy (8bit):5.225481681914001
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:40B50B042C4924D6AF436FA077F63F8F
                                    SHA1:69BA6A605C0542005185DB646B374E60161370B8
                                    SHA-256:E233CFEEA6697241D63C9D625B47DDBB6CCE0D90A9A8C92FA0608D39603C374C
                                    SHA-512:732BF9979C03A1FA1C778012DBBF28AE21058C78D15F63BCA71F72BF086D11F2404FC92F25CCBE85C099F9F2E83842751395405458F0547BD94650B83EC9E491
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:23.369 1b70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/04/01-10:47:23.370 1b70 Recovering log #3.2025/04/01-10:47:23.374 1b70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):324
                                    Entropy (8bit):5.228131309504427
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:234C1184DD521DBEC405F8A693FB3091
                                    SHA1:E28D8A49752518A8084BEB916245341ECD001A5B
                                    SHA-256:CAB91CDA24A51D952C2EBF1BDC859582C31C5CA0C8BF0C98258A585D0E4B0DFA
                                    SHA-512:FE29B86944CEB1DF00FEA0CEA978C5D69A5970919B706D014F42C407BC1BCC213978101A8836099F5D4FDFB7282DEEFD246A5CE302C0FBF194978AE6AB8A3437
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:06.964 1b64 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/04/01-10:47:06.965 1b64 Recovering log #3.2025/04/01-10:47:06.965 1b64 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):131072
                                    Entropy (8bit):0.006738561099835664
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:484B4CCAA58B11DECCEE168447D918BD
                                    SHA1:BAB7F4B8EC5BC298C6EA1B5F54ED01954048B08A
                                    SHA-256:4165B85DD4B231BD36C5DB2430B80FBFB3BFF7E55B9963541B6338E82BE86985
                                    SHA-512:BBFBF60385FE8E16244D2995488DAA2F61D9E52123A4DD20E994FBEB24BE2F2C939D61ED888753D7C10E644525A0F34345D2D61AB2F8474EC061A9ECBD193276
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:VLnk.....?.......v|..lON................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                    Category:dropped
                                    Size (bytes):196608
                                    Entropy (8bit):1.265554862620742
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0A0F917DB166CAB5AED0779857C687E8
                                    SHA1:BF04EFC9F91674F8E4588CA86D21CB89663AF58A
                                    SHA-256:8F3C8D4B0FC12196E5F45E32104D387D3742F284540FF774368937BC6467712D
                                    SHA-512:45EFCAD3ACA6E4DC8DEA938A34D78D6F6415DD0C21C021226A433DAEF358609F7AE20E736FAD33F2C12AC76793C7884C0C3DE49FB74BD1E9E4826E6AC671D2DC
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 7, cookie 0xb, schema 4, UTF-8, version-valid-for 11
                                    Category:modified
                                    Size (bytes):14336
                                    Entropy (8bit):1.029701420585042
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C5E499B2829503B397A1B34B219AADCE
                                    SHA1:12D2DE9951FEE857C42A378844C8CBB2F9256491
                                    SHA-256:37E1AF089F61BEE4197E2578704BEFC34ECAEB788E719A098F966E088446B3C1
                                    SHA-512:0882CEB433589AC351C54BD1FF2629BD15AAF6CBDD038E09B83C89AAF8E038FEB74610F57E2A5866589C94B082E677E061DAD36ADEFAE50B9548F883F3D769CE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..................n..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                    Category:dropped
                                    Size (bytes):40960
                                    Entropy (8bit):0.41235120905181716
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:981F351994975A68A0DD3ECE5E889FD0
                                    SHA1:080D3386290A14A68FCE07709A572AF98097C52D
                                    SHA-256:3F0C0B2460E0AA2A94E0BF79C8944F2F4835D2701249B34A13FD200F7E5316D7
                                    SHA-512:C5930797C46EEC25D356BAEB6CFE37E9F462DEE2AE8866343B2C382DBAD45C1544EF720D520C4407F56874596B31EFD6822B58A9D3DAE6F85E47FF802DBAA20B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\af1a7b86-d98f-4550-8635-f5a3b676345b.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):13705
                                    Entropy (8bit):5.263136819315228
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C454EC884B917A25F7768B1A0DC2C1DF
                                    SHA1:FA009854940704F35BF08E4407D537D9F6C98AB0
                                    SHA-256:2C235E8728E39FABAED4CF4C19ADB03E64732F287DEE4C78873CCA730A3E3B4D
                                    SHA-512:83AD75EFE6E4F5DF5614CDA2F63018A073F75A7DDD9FE6BA45C619142B8598AA99C0E51B638140B0D06B5971EB0DC8138D7043A0017576A6D479F1B36BF11395
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                    Category:dropped
                                    Size (bytes):11755
                                    Entropy (8bit):5.190465908239046
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:07301A857C41B5854E6F84CA00B81EA0
                                    SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                    SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                    SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b59291d5-dd89-4fa4-9600-a682066c78e0.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):13540
                                    Entropy (8bit):5.265181650008984
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:CAFA4C1BACD1A9A4AE7EAF8910582F3A
                                    SHA1:38707FC2D178EC5D9661F38EA17D71C2A7DAA2EA
                                    SHA-256:2318E58EAC76BA52CC64BB865B35E11489353382D3F6B3EB582ACCC827A176A9
                                    SHA-512:D6F239440244EAFB69EACEE272148005A912444C71D8D6E7C849DFAC435D080922F9CC2ABE687216BCE3E12A83BE3B6DF413681E20EEDC2D90D0EC186E72626C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                    Category:dropped
                                    Size (bytes):28672
                                    Entropy (8bit):0.3410017321959524
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                    SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                    SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                    SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\edac05db-21a6-4cbb-9356-098d66f746a8.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):12946
                                    Entropy (8bit):5.186921316479228
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0B2165F04503EFF299F9B3DB6129782F
                                    SHA1:2476D1E35E99034D4BC7B6B2C1EF0D660B0B1D6D
                                    SHA-256:1E69EF488A62EC79CB6EDD03C21AABC4CF2909E58C3B512B0FF721C3F012280F
                                    SHA-512:DFC58A8D8FB05532CA9F6C871020837A1019CF7D89D34F43DA677F3FE7F90EFE13F31D69776B0E84AD31A06B22749839F41101BD84834E88D8FA15828A9BA7B8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13387992427440821","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fa353280-c3ed-4cdf-818f-063b980b543e.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:very short file (no magic)
                                    Category:dropped
                                    Size (bytes):1
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:5058F1AF8388633F609CADB75A75DC9D
                                    SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                    SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                    SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):32768
                                    Entropy (8bit):0.7508534033060542
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:48E1F265415721732FC1C0DCCC454EB6
                                    SHA1:0C3FDDA1316A63039074E29B7DF2D072E5B1E6AE
                                    SHA-256:6FE6839300E1E900BC9E3FC01481FAE46E5498C5C81E0A3915CAEF365A5D602C
                                    SHA-512:40F89D13AF1D67549C30226E0F23D74476625C38B8456D1D42403BBB6F76B6AE457DA19666C75672339E9B62BBBDD9044FF2DC0E275CDFB1843F83D660106732
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:..-......................M..P.T\^..>l_..^........-......................M..P.T\^..>l_..^..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite Write-Ahead Log, version 3007000
                                    Category:dropped
                                    Size (bytes):3230112
                                    Entropy (8bit):4.3564989781480845
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E46593D53D85F3491AFA90344832DA65
                                    SHA1:C9BDC5913F1BF297801A3A2B35F5ED25A4065D65
                                    SHA-256:15FC120BD6234D7073D71414D952CBD0564D082A1ABD806ECF383763BE63C083
                                    SHA-512:3967AAAD76E2DBCEB3C3A65997A945AB138AED034D2F9C2D3363F57FED0C0D51320E953C54E9BF45E1A8F3E5FCAC5B7E84E96427C2CFD6B5D76F061BCE7120DB
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:7....-..........^..>l_.....q..$.........^..>l_..X....9I4SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):778
                                    Entropy (8bit):4.124398868679269
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:1FAAEBCE23AC6DB1AFB7018CD0F92E3A
                                    SHA1:F81E1D7E8097B131864E4CA9E11500E2F1BE356D
                                    SHA-256:25E5074087EE9C35CE162089190CE82A75B2F04A088E27C3A539F8ED1E798619
                                    SHA-512:8384E191A8F117757B5B056EF6603189137FFA6812139992182399BD89DFC6AC68D1EF37ED9D9177957C71EFE7D26ABD450372EDA5F4DDF0A826145A14DD9E86
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:A..r.................20_1_1...1.,U.................20_1_1...1?.Q;0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=................]:&;...............#38_h.......6.Z..W.F.......n.......n.........WI..;...............#38_h.......6.Z..W.F.....................P....2B.l.................&.0................39_config..........6.....n ....1.M1.;...............#38_h.......6.Z..W.F.....................<....F...;...............#38_h.......6.Z..W.F....................."....

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):317
                                    Entropy (8bit):5.224024757302377
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0589D0F543687807126F4E0C3FF35E99
                                    SHA1:ABCD4BE33253E577118EC6CA33B796FAA67D09CC
                                    SHA-256:EFBA9B547441D60ED0BD65E5A4D07A1069D7CCCC84E6EB97F2EFA30BC529BA29
                                    SHA-512:43BA0626C48A6C637C1E1E6374B7757FE2E5280A7FC66DB0A8FEDAC78EC3049650E23F79DA804E4B8A0FABDE5D41487FFDBE6ED8C9808199DD1CBD007ECA6299
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:07.677 b74 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2025/04/01-10:47:07.678 b74 Recovering log #3.2025/04/01-10:47:07.679 b74 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):816
                                    Entropy (8bit):4.0647916882227655
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3BE72D8D40752B3A97028FDB2931FABA
                                    SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                                    SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                                    SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text
                                    Category:dropped
                                    Size (bytes):335
                                    Entropy (8bit):5.196472995418407
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:AAD8B4DCFD0DCFA8B1CDAD27290837FF
                                    SHA1:2D226E0B7B5EE30C15732B6CBC77AD23241C886A
                                    SHA-256:C3C74B63A60544E1739CFD251FAD2D5F68494A89AD2974F790406BF8DDB38DC7
                                    SHA-512:91B75EB39E1AAA0B674F7DEC8D334119838F91F834463ACEE62F7AE4A219F772944D23FC1EB2D8DC09CC1FF7E50B58CE9DC57E22B3D6C078F7E96CFE43935AD6
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:2025/04/01-10:47:07.542 b74 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2025/04/01-10:47:07.575 b74 Recovering log #3.2025/04/01-10:47:07.619 b74 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):120
                                    Entropy (8bit):3.32524464792714
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A397E5983D4A1619E36143B4D804B870
                                    SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                    SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                    SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with no line terminators
                                    Category:dropped
                                    Size (bytes):13
                                    Entropy (8bit):2.7192945256669794
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                    SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                    SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                    SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:117.0.2045.47

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF27006.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF27015.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2715d.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2984e.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2c78c.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2fbbb.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF34874.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF37b7a.TMP (copy)

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):0
                                    Entropy (8bit):0.0
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58A410D13DC252E2185A015F77D79A3
                                    SHA1:2037FA00EE15668E0BA37C69E95BC38152FB1D70
                                    SHA-256:379CDB76D911C2C0C129F0760B0E47F9E3F1F6CF37774533D93B35F63DA6D74C
                                    SHA-512:C74CEAEDA041C967A2992569CEFDF33D4DADEF77283FDB215C5DEF30DFBD83850850C51ADF8C1671024E9890634B1E3869D6381C92A595B458F087C9E060AD02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                    Category:dropped
                                    Size (bytes):20480
                                    Entropy (8bit):0.6076734404679848
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F8EF21D26493A9CCDCC67C57903041B0
                                    SHA1:4698EBCEDA9BBDBCED60809F8DD4462909D80C21
                                    SHA-256:EEB4D9CE5D926F93404E8BE393D20EDAD935D2303DDC690885CAEC2DD78D2FF7
                                    SHA-512:B1EC66B2A2F86503FF3142F911D58B9AE925A61A52BDF3A63A18CA71112D6C5D0A040185E81B5805D2468F12547D6B8D687AAE6BBA0D236926C754DF0042B349
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with no line terminators
                                    Category:dropped
                                    Size (bytes):47
                                    Entropy (8bit):4.3818353308528755
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:48324111147DECC23AC222A361873FC5
                                    SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                    SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                    SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):35
                                    Entropy (8bit):4.014438730983427
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                    SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                    SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                    SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"forceServiceDetermination":false}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with no line terminators
                                    Category:dropped
                                    Size (bytes):50
                                    Entropy (8bit):3.9904355005135823
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E144AFBFB9EE10479AE2A9437D3FC9CA
                                    SHA1:5AAAC173107C688C06944D746394C21535B0514B
                                    SHA-256:EB28E8ED7C014F211BD81308853F407DF86AEBB5F80F8E4640C608CD772544C2
                                    SHA-512:837D15B3477C95D2D71391D677463A497D8D9FFBD7EB42E412DA262C9B5C82F22CE4338A0BEAA22C81A06ECA2DF7A9A98B7D61ECACE5F087912FD9BA7914AF3F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:topTraffic_170540185939602997400506234197983529371

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):575056
                                    Entropy (8bit):7.999649474060713
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:BE5D1A12C1644421F877787F8E76642D
                                    SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                    SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                    SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):86
                                    Entropy (8bit):4.3751917412896075
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:67408267EF01ED6B9372F04C029B602A
                                    SHA1:8B7C489754731F399077B899ABFE55475AC2ABE7
                                    SHA-256:B5AA30B0D3E08F80F60EFFA00FE335D2295FA494B36F33A2E8D8C66E0A34234A
                                    SHA-512:C980C28555803B9043F863D21427ABA9611BFE49296A8409E4D15759631DEA613F40D860D6600DDDCE2610AB7654A69FFB2ABDE0867AB2E17B547E34897E1A41
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":5}

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d5433e59-a374-45db-bf58-99502e842914.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):58957
                                    Entropy (8bit):6.106507574010573
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B6C04BC157EFF3B98513834E4798A1BF
                                    SHA1:0A3CDF472E16AA8269C483A9B0483A9BCD39A538
                                    SHA-256:8A8576EB27063DA1FD1203DEE567EB8BBD462349A7A1CF6977D2E8B070E5E771
                                    SHA-512:B3820E163FF766962BEDE70E7E3287CDEC09C3E6D873DB103D7E694B097AA77B62FBA7FF52F84A4A3D120520EDF1F7DC8EC5F614502C06F15BA90F90729D10B0
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                    C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d7a6dad5-718e-443a-b915-2493ed1cd262.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):49172
                                    Entropy (8bit):6.096584836644521
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:5F3502C3999083BF4A422FBCCD1FF3A0
                                    SHA1:E0ECEF8AF85C84B93DB99AA490A8CF5643F59D4E
                                    SHA-256:ED61EFC8884FFE4039E8367D203A492CB8783A5FC15E4BC0C6BAAECD6D516802
                                    SHA-512:E1B3153930C044BBDDAFE010D32B499F717DE434A54E2D813092CB4BB315D2AAFEA5D04E7CA7D98B23DB84B519BFDDDD43250497C83267C4982CF8876EFACA1E
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1743518892"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                    C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):2278
                                    Entropy (8bit):3.850513499226506
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:92B1AC1319CF0171049AF84D2BE691E1
                                    SHA1:DED131FA4A523E78D770C081D4F7E70CBD137E1E
                                    SHA-256:99CC3299A302E0F501E3113932E3A80030AFBFB68CDE45D60953DB8C6BF95BB7
                                    SHA-512:AE803B6932E1CCE94E4D410EB6054114C3FC8DAD2FF454A7D5FBA21D000CAAF151B89B2B172937F203FDC7502C6C888B30D73AA097BDEF55F38AA09F85A461EE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.G.Y.I.U.x.2.j.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.a.c.y.A.c.f.

                                    C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):4622
                                    Entropy (8bit):3.9987908822772957
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:17D91DF92202835C9655FF5C4F2F298F
                                    SHA1:6DAEB9B275EC71C67412C00A7909CB959DE081CC
                                    SHA-256:CE6320D3516E257F3C715CCE5FB9FEC36697646AECA5896025BBFD879836B5DB
                                    SHA-512:619BAE913F5448AADC50BF970D249DDFF9A038ECC61DCC8E6181C2DDF27970E11ED09C5F4DF6D1D632FDD3052EE55E89119514DAAA834A809C5934D436907FD2
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".I.t.E.W.O.R.W.j.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.a.c.y.A.c.f.

                                    C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):2684
                                    Entropy (8bit):3.8918948640401316
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:50D32ACC05152B2A5469D014B970AC94
                                    SHA1:7EF73D6DD14518D9A9EFF62BEA8F2274DB74FE3C
                                    SHA-256:6BB55EE16A61764D15A3B8D8F06FD895953DB92D72D9B10EB968BC76ECA4C090
                                    SHA-512:61B0787F775701BA3E58F0F8056EC6E8B41E78A7D01EEC330947AFE73F1174E8D98DD03990292A04F6CD52824E43A8EF1B804D7E4A0CB663277659C5B799A530
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".r.T.3.t.a.e.b.B.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.a.c.y.A.c.f.

                                    C:\Users\user\AppData\Local\Temp\181c27cb-d9d0-4c4c-a2b4-797328be7749.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:PNG image data, 342 x 126, 8-bit colormap, non-interlaced
                                    Category:dropped
                                    Size (bytes):7530
                                    Entropy (8bit):7.939299447353715
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A96BE32BF33CCDC6C0B4137ECB5FD563
                                    SHA1:2CDDF8A54326A15323660D44FAD9C0DC485C8D12
                                    SHA-256:A6B4FC12406A93652C8856AAA158CE23A3D119B9E6FCFA01ACECB568B0BE001C
                                    SHA-512:A6194A915071E400BFB865E21091649A741588EAC78D61850647A7FD2DEEABA3E030C7B07675E7B09AEC50CCF1B33A655737B8E6A31A4DC86A054E1CC108F927
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.PNG........IHDR...V...~.....H..^....PLTE....ZB.|S.........E.TE.E.TF........(L{.......E.+Fm.......................WL..................UI....Jh......\O...~.L<.OE.........[.k..o.\..f.V....eY.{...u.j......~.......\.bR^......{.`.T.b..r._T.ob.L;.V..w.y..N..z.}j..r._........WK.......{n.n..F...n.sb.lY.h..........b...........{...o.d.a.N3.....n....l....O..U..j..y....S.w.....y.?&..m..R..........s.n..{..^..V...y.-....D..........D...:f..S....Y..b..[{."h..S.....g.T..dx..x.;^.qR....Fs.!L.r...'....oo..0......i.0K......fF...o..0%.}..D....Wi..D.2,.CZ.s?p.2.Ud.c....4..@.b-.:~..#. .......K..y.dy..<:.%9...:Y.J'.$Eo.....>]..}Y.>.6<X>6.bW.d4.......cxTA......dI.OA..S-K.....tRNS... .vvv....p..l.....IDATx...;..0..a...[w..=;.`!>..X..FW...?..)tY..2......*d.*..&N.K.N.v....T..n.]U$.V+L.X.Fq..kV..fq'.X!...!}~..|...P0.........Y+feVf=....0...n.R."E(..H

                                    C:\Users\user\AppData\Local\Temp\2d095425-7df2-47f8-903f-ae7d428e54d9.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                    Category:dropped
                                    Size (bytes):103469
                                    Entropy (8bit):7.5851113512003785
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:37CF67E6E5D3AE47CF40406A1E8BE94F
                                    SHA1:2A6F868ADC761DB9C03869E238BEA0D67D1FE6CE
                                    SHA-256:B4B4DBE335296D0CCF9C659D671A54C2FA06F8B4E41228CF03E1D21F7C8F9D03
                                    SHA-512:51F2C8B56592237378BE92C3EFCD814FC3E144120D109B15A7341AB03F9674251EE8B21BB172E6E021100F4EF792A5114D5B94F86EE0B157FD3386975BEC94CD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                    C:\Users\user\AppData\Local\Temp\91405d38-5e45-43a0-9965-5b62dda29826.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:RIFF (little-endian) data, Web/P image
                                    Category:dropped
                                    Size (bytes):603056
                                    Entropy (8bit):7.997897106819901
                                    Encrypted:true
                                    SSDEEP:
                                    MD5:BE21290223713B6D1FA93995CD068BAF
                                    SHA1:00FDEA541A1795364DB8E72B4E822467CB5A4428
                                    SHA-256:F4934C3AEFAF82F0A443F513CA9CB336F0822965E7B5E27CEBB503AD0581CD27
                                    SHA-512:2CC58B9C9072C55D6904567810620546AD19E403B2BEB84C7704B2F69497AEA4CF26A1DE2056BA54A311C263F768E703A654C070E5AA1FB66BBA519A87132313
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:RIFF~...WEBPVP8Lq.../..A...m.I.P..r.^...L_......|..o"...DF..*B.$....qU%.:%..Lu.U=I...{8...W.CP...G.L ...T..f.H.vE.Ui.............l..j;..T...].y.3]Uu.6.L.......FD./.........xH.m.G. ]....<".1...5M... 3....."d........r......*B...*r.B(.}.H..."...i[]...'."..:...H..._..J......6h....x..=ci.....dD..h.......>.{..$.X....z..]....YM]d..l.G.E.u...t.R.H.~.......E._.O...v.9.$.J.'85Z..o.7...M."I.#.wO.L;.......Pn$..t.B..[.A.I....01.?.X........p........<p^.(..@D..:O..".......8`......@\.......@..10..@.,...%"P..bQ....u,..x.|.@... `...9c..9...........|a.1....4@.8...x..xr8.FD...{?@.....<yp8...r.....6...C.r.(....;.@.q..f,..1"x.....a..1..c.a-...Z.......#"...*....A<....f..b....7.Y.F.B;lu.Q.$.i..<,FD...9..........)"" ....RJT"b.....q.@..48ED........'.FD`.!..h......p..h..6..KD....S..0..P....x..A.HYdy.....XD.0F..Q4..H+..3.c.@..1bTbT.E.v....Q....Jd.,...8BD.bT"...X{s.@."...!...]{......A.F...?...=.......'nW^v.6.&/.2..@....@.*?.%.`.....|......&w..n80.7x..'.#~Ec...M.......&7I2

                                    C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20250401T1046220682-6300.etl

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):102400
                                    Entropy (8bit):4.513075551602397
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:4EA66AD6A403B3E209B0338DFBDBC93B
                                    SHA1:3DF5A004D2900A308F598934A60B12D4E9DC2EF2
                                    SHA-256:ED22F6B90A790C198D30ACA40D2D2C915F31BECB5EC3432ED8A9E3656EE8DE8F
                                    SHA-512:EF1EA3AD6D34E46EFC767425E9FF385A3A2630EFC6CD02C6A55B08255400F1BDCA5799369D80AD063E317F55C11ECD4EBBA2FDB3FEE63E3276E39A5B6DA1B84A
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:............................................................................`...........c.A.....................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1...........................................................@...5...........c.A.............v.2._.O.U.T.L.O.O.K.:.1.8.9.c.:.1.0.2.0.5.a.8.e.2.2.a.c.4.3.1.4.8.5.a.4.b.e.f.5.1.1.8.a.9.8.6.8...C.:.\.U.s.e.r.s.\.c.a.l.i.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.5.0.4.0.1.T.1.0.4.6.2.2.0.6.8.2.-.6.3.0.0...e.t.l.......P.P.........svC.............................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\AppData\Local\Temp\a99e31d0-37ca-4d4b-9b5a-ec683f43c347.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:Google Chrome extension, version 3
                                    Category:dropped
                                    Size (bytes):156648
                                    Entropy (8bit):7.846668149244464
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:DD9BF8448D3DDCFD067967F01E8BF6D7
                                    SHA1:D7829475B2BD6A3BAA8FABFAF39AF57C6439B35E
                                    SHA-256:FA2232917A5656EA4F811936561EA6B7C92B3C0004C5E08ECB97636D3AFC6F72
                                    SHA-512:65347DF34378C2BBB34417E2CCCFB3251A0B2412422CC190EED9DF525B6E0A9948E0295EA3C33B3AD873CE81E369E89A138AC41D6EB7229546C3269107E661DE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...........F.oD..R..OC2,.B~V.-O..2G..C....W.......v6....>^W.L.Z.^J.@V.t........R.l..:...Y=...@T......R6...v"+......EW.:.r.D.......T.V..t..f/e*.K....$...-\.e9R...K.......L.....-9.A...."U.@..hOicn._Q .3.~K".0...JR.......W.Nm4m..p...(j.2Q..@.../...3.s....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!...B.z..Q..l_*.........<:X..v....!..8} ..LV.....U.@k......6:A.....a".%............o.....J._.H..I.m..a........L..!LB&..|..i...=.r.5[b.`..Z.z..?..n..<..K..O?.kU.....P].p:........}%.Z^........!..K....3h..6......U.<.p.v..+3.Si....^.......T/Rd...Y._..5....M..9R....q..)l>.g......K..%K.....D\<...g..18.nl.....@..P..

                                    C:\Users\user\AppData\Local\Temp\cv_debug.log

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1420
                                    Entropy (8bit):5.401305257186049
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:9E384E68330721F85FDD2CD614A92FEE
                                    SHA1:E389B8EB4CD0905F58979266FC19BF9076324642
                                    SHA-256:702BFE5CCFFC86707310FE7909FDA8042ABB1AC87D4E9B744E4D532B032FFA56
                                    SHA-512:11FCB1FA7FAD6BD57569EBEB09BF1D3A6E63C3795A9258B804B9A22EFDF1EA969ED79A719A3D05F6C6F09CE9D9D2BA805118AF1858BEB98F94C4D02EFACDC8C2
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"logTime": "1006/090722", "correlationVector":"rmkayOhJfEabcRCB2/Bp31","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/090722", "correlationVector":"jqHPV/yTVN5KYgOfDN/5Rr","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/090722", "correlationVector":"25C1A0EE3BD244A1BB83CF2641B12F1A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093120", "correlationVector":"a/GaihlkzouX6tpAQ3civy","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093121", "correlationVector":"2831F27CA5B645488E2DF2452C16A59E","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093243", "correlationVector":"7DhT8FK3VbHYWFgub0ZtsN","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093243", "correlationVector":"83EFC8979E1A419495133BAFAFA5A23F","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093745", "correlationVector":"Bxyvid0fodNJ7Wehc/BC7P","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093746", "correlationVector":"B1516CBB

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_414205014\9285b25b-0613-427a-a3d9-541144a4a2fd.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:Google Chrome extension, version 3
                                    Category:dropped
                                    Size (bytes):11185
                                    Entropy (8bit):7.951995436832936
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                    SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                    SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                    SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_414205014\CRX_INSTALL\_metadata\verified_contents.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1753
                                    Entropy (8bit):5.8889033066924155
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:738E757B92939B24CDBBD0EFC2601315
                                    SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                    SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                    SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_414205014\CRX_INSTALL\content.js

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                    Category:dropped
                                    Size (bytes):9815
                                    Entropy (8bit):6.1716321262973315
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                    SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                    SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                    SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_414205014\CRX_INSTALL\content_new.js

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                    Category:dropped
                                    Size (bytes):10388
                                    Entropy (8bit):6.174387413738973
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                    SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                    SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                    SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_414205014\CRX_INSTALL\manifest.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):962
                                    Entropy (8bit):5.698567446030411
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                    SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                    SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                    SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\128.png

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                    Category:dropped
                                    Size (bytes):4982
                                    Entropy (8bit):7.929761711048726
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:913064ADAAA4C4FA2A9D011B66B33183
                                    SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                    SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                    SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\af\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):908
                                    Entropy (8bit):4.512512697156616
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:12403EBCCE3AE8287A9E823C0256D205
                                    SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                    SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                    SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\am\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1285
                                    Entropy (8bit):4.702209356847184
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                    SHA1:58979859B28513608626B563138097DC19236F1F
                                    SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                    SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ar\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1244
                                    Entropy (8bit):4.5533961615623735
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                    SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                    SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                    SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\az\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):977
                                    Entropy (8bit):4.867640976960053
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:9A798FD298008074E59ECC253E2F2933
                                    SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                    SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                    SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\be\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):3107
                                    Entropy (8bit):3.535189746470889
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:68884DFDA320B85F9FC5244C2DD00568
                                    SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                    SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                    SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\bg\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1389
                                    Entropy (8bit):4.561317517930672
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                    SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                    SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                    SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\bn\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1763
                                    Entropy (8bit):4.25392954144533
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:651375C6AF22E2BCD228347A45E3C2C9
                                    SHA1:109AC3A912326171D77869854D7300385F6E628C
                                    SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                    SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ca\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):930
                                    Entropy (8bit):4.569672473374877
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D177261FFE5F8AB4B3796D26835F8331
                                    SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                    SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                    SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\cs\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):913
                                    Entropy (8bit):4.947221919047
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                    SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                    SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                    SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\cy\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):806
                                    Entropy (8bit):4.815663786215102
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A86407C6F20818972B80B9384ACFBBED
                                    SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                    SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                    SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\da\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):883
                                    Entropy (8bit):4.5096240460083905
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                    SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                    SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                    SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\de\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1031
                                    Entropy (8bit):4.621865814402898
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D116453277CC860D196887CEC6432FFE
                                    SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                    SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                    SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\el\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1613
                                    Entropy (8bit):4.618182455684241
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:9ABA4337C670C6349BA38FDDC27C2106
                                    SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                    SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                    SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\en\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):851
                                    Entropy (8bit):4.4858053753176526
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                    SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                    SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                    SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\en_GB\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):848
                                    Entropy (8bit):4.494568170878587
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3734D498FB377CF5E4E2508B8131C0FA
                                    SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                    SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                    SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\en_US\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1425
                                    Entropy (8bit):4.461560329690825
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                    SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                    SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                    SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\es\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):961
                                    Entropy (8bit):4.537633413451255
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F61916A206AC0E971CDCB63B29E580E3
                                    SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                    SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                    SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\es_419\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):959
                                    Entropy (8bit):4.570019855018913
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:535331F8FB98894877811B14994FEA9D
                                    SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                    SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                    SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\et\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):968
                                    Entropy (8bit):4.633956349931516
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:64204786E7A7C1ED9C241F1C59B81007
                                    SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                    SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                    SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\eu\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):838
                                    Entropy (8bit):4.4975520913636595
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                    SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                    SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                    SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\fa\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1305
                                    Entropy (8bit):4.673517697192589
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                    SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                    SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                    SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\fi\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):911
                                    Entropy (8bit):4.6294343834070935
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                    SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                    SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                    SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\fil\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):939
                                    Entropy (8bit):4.451724169062555
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:FCEA43D62605860FFF41BE26BAD80169
                                    SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                    SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                    SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\fr\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):977
                                    Entropy (8bit):4.622066056638277
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                    SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                    SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                    SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\fr_CA\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):972
                                    Entropy (8bit):4.621319511196614
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:6CAC04BDCC09034981B4AB567B00C296
                                    SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                    SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                    SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\gl\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):990
                                    Entropy (8bit):4.497202347098541
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                    SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                    SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                    SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\gu\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1658
                                    Entropy (8bit):4.294833932445159
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BC7E1D09028B085B74CB4E04D8A90814
                                    SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                    SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                    SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\hi\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1672
                                    Entropy (8bit):4.314484457325167
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                    SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                    SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                    SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\hr\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):935
                                    Entropy (8bit):4.6369398601609735
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                    SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                    SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                    SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\hu\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1065
                                    Entropy (8bit):4.816501737523951
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                    SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                    SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                    SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\hy\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2771
                                    Entropy (8bit):3.7629875118570055
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:55DE859AD778E0AA9D950EF505B29DA9
                                    SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                    SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                    SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\id\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):858
                                    Entropy (8bit):4.474411340525479
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                    SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                    SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                    SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\is\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):954
                                    Entropy (8bit):4.6457079159286545
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                    SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                    SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                    SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\it\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):899
                                    Entropy (8bit):4.474743599345443
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0D82B734EF045D5FE7AA680B6A12E711
                                    SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                    SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                    SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\iw\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2230
                                    Entropy (8bit):3.8239097369647634
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                    SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                    SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                    SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ja\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1160
                                    Entropy (8bit):5.292894989863142
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                    SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                    SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                    SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ka\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):3264
                                    Entropy (8bit):3.586016059431306
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:83F81D30913DC4344573D7A58BD20D85
                                    SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                    SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                    SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\kk\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):3235
                                    Entropy (8bit):3.6081439490236464
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                    SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                    SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                    SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\km\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):3122
                                    Entropy (8bit):3.891443295908904
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                    SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                    SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                    SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\kn\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1895
                                    Entropy (8bit):4.28990403715536
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:38BE0974108FC1CC30F13D8230EE5C40
                                    SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                    SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                    SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ko\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1042
                                    Entropy (8bit):5.3945675025513955
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F3E59EEEB007144EA26306C20E04C292
                                    SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                    SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                    SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\lo\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2535
                                    Entropy (8bit):3.8479764584971368
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:E20D6C27840B406555E2F5091B118FC5
                                    SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                    SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                    SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\lt\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1028
                                    Entropy (8bit):4.797571191712988
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:970544AB4622701FFDF66DC556847652
                                    SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                    SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                    SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\lv\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):994
                                    Entropy (8bit):4.700308832360794
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A568A58817375590007D1B8ABCAEBF82
                                    SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                    SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                    SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ml\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2091
                                    Entropy (8bit):4.358252286391144
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                    SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                    SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                    SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\mn\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2778
                                    Entropy (8bit):3.595196082412897
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                    SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                    SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                    SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\mr\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1719
                                    Entropy (8bit):4.287702203591075
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                    SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                    SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                    SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ms\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):936
                                    Entropy (8bit):4.457879437756106
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:7D273824B1E22426C033FF5D8D7162B7
                                    SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                    SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                    SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\my\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):3830
                                    Entropy (8bit):3.5483353063347587
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:342335A22F1886B8BC92008597326B24
                                    SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                    SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                    SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ne\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1898
                                    Entropy (8bit):4.187050294267571
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                    SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                    SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                    SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\nl\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):914
                                    Entropy (8bit):4.513485418448461
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                    SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                    SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                    SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\no\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):878
                                    Entropy (8bit):4.4541485835627475
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:A1744B0F53CCF889955B95108367F9C8
                                    SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                    SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                    SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\pa\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2766
                                    Entropy (8bit):3.839730779948262
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:97F769F51B83D35C260D1F8CFD7990AF
                                    SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                    SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                    SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\pl\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):978
                                    Entropy (8bit):4.879137540019932
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                    SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                    SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                    SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\pt_BR\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):907
                                    Entropy (8bit):4.599411354657937
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                    SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                    SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                    SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\pt_PT\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):914
                                    Entropy (8bit):4.604761241355716
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0963F2F3641A62A78B02825F6FA3941C
                                    SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                    SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                    SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ro\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):937
                                    Entropy (8bit):4.686555713975264
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BED8332AB788098D276B448EC2B33351
                                    SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                    SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                    SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ru\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1337
                                    Entropy (8bit):4.69531415794894
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:51D34FE303D0C90EE409A2397FCA437D
                                    SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                    SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                    SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\si\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2846
                                    Entropy (8bit):3.7416822879702547
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                    SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                    SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                    SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\sk\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):934
                                    Entropy (8bit):4.882122893545996
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8E55817BF7A87052F11FE554A61C52D5
                                    SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                    SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                    SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\sl\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):963
                                    Entropy (8bit):4.6041913416245
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                    SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                    SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                    SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\sr\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1320
                                    Entropy (8bit):4.569671329405572
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:7F5F8933D2D078618496C67526A2B066
                                    SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                    SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                    SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\sv\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):884
                                    Entropy (8bit):4.627108704340797
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                    SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                    SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                    SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\sw\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):980
                                    Entropy (8bit):4.50673686618174
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D0579209686889E079D87C23817EDDD5
                                    SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                    SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                    SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ta\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1941
                                    Entropy (8bit):4.132139619026436
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:DCC0D1725AEAEAAF1690EF8053529601
                                    SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                    SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                    SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\te\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1969
                                    Entropy (8bit):4.327258153043599
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                    SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                    SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                    SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\th\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1674
                                    Entropy (8bit):4.343724179386811
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:64077E3D186E585A8BEA86FF415AA19D
                                    SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                    SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                    SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\tr\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1063
                                    Entropy (8bit):4.853399816115876
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:76B59AAACC7B469792694CF3855D3F4C
                                    SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                    SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                    SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\uk\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1333
                                    Entropy (8bit):4.686760246306605
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:970963C25C2CEF16BB6F60952E103105
                                    SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                    SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                    SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\ur\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1263
                                    Entropy (8bit):4.861856182762435
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:8B4DF6A9281333341C939C244DDB7648
                                    SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                    SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                    SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\vi\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1074
                                    Entropy (8bit):5.062722522759407
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                    SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                    SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                    SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\zh_CN\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):879
                                    Entropy (8bit):5.7905809868505544
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                    SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                    SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                    SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\zh_HK\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):1205
                                    Entropy (8bit):4.50367724745418
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:524E1B2A370D0E71342D05DDE3D3E774
                                    SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                    SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                    SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\zh_TW\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):843
                                    Entropy (8bit):5.76581227215314
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                    SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                    SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                    SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_locales\zu\messages.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):912
                                    Entropy (8bit):4.65963951143349
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                    SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                    SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                    SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\_metadata\verified_contents.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):11280
                                    Entropy (8bit):5.75007656410467
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:66CA3B4324CE2F09906C7A1D16A1C10F
                                    SHA1:38597793E98446B853F4680F0E3F51798D93B390
                                    SHA-256:FBE9C4BA4B6178A2DAF160A237C1E89AB73EE89EBD4FAAB490C8B4802B4976B1
                                    SHA-512:66FBF9E23CA0441A2018297B9E8F9AE3545E0F4C5165E0A4805948B23ED4A695E033A501B323D54300608763936BC66220405EC703AD5CB955A787F8B92BDA12
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\dasherSettingSchema.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):854
                                    Entropy (8bit):4.284628987131403
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                    SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                    SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                    SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\manifest.json

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):2525
                                    Entropy (8bit):5.417632296087045
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:1048F1F4D861F5C812E5BC268EB68A06
                                    SHA1:4C9495A3202F63FD0878086F27310DB6D3BF5BE9
                                    SHA-256:8B3B5B96A5D6D7C613052B4A751C6632F5F91CB0A912C96E515978999B6F43F5
                                    SHA-512:158CA9FC4E59568C8D04B8F6AD16FD8216EE10D8869CE1E2DEC844E52D3D3B19BD98433665FA003552E8896A2691531141EE11FEF212D8D66283D7002ECE8C76
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\offscreendocument.html

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:HTML document, ASCII text
                                    Category:dropped
                                    Size (bytes):97
                                    Entropy (8bit):4.862433271815736
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                    SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                    SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                    SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\offscreendocument_main.js

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with very long lines (4979)
                                    Category:dropped
                                    Size (bytes):124665
                                    Entropy (8bit):5.435477782179183
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:5656F8678589CF436A2E5C532A036A73
                                    SHA1:AF8B89F2C1596298B1652BE2B0C83EC25FFCFB21
                                    SHA-256:73E898C9A5EFE3A6B8C13B53880B55DD588CA09D543ECB102D965EAC32BB12D0
                                    SHA-512:7D2B0A2A65C607F0A7445E0AFBB31497D0D020A4A439935E49D14DE4539E555C76C03C3F60FBC78CEF300EE168EBFF4132D7B2ECB17ACEBB66DED18720C46AAA
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var p;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=fa(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\page_embed_script.js

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with very long lines (337)
                                    Category:dropped
                                    Size (bytes):338
                                    Entropy (8bit):4.672548006448335
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:C14D617E06059A9951C38413F8D3CBC4
                                    SHA1:1418D66BDA6097888B1467316B349DF77DDCC0DB
                                    SHA-256:FBD9369840EC4D8F3102CD865C5186E0C65DE80D67FBAA244CB7513BA839DE36
                                    SHA-512:80B14B7CC8A62F482AC5E5AB7DC9C74411FE3C9BB5675536889A552187BC10AEAD89110FF0479D37C81CE367474D9B7AF059059622B019CB17731EFC84F5284B
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;window._docs_chrome_extension_version="1.90.1";}).call(this);.

                                    C:\Users\user\AppData\Local\Temp\scoped_dir5860_453688628\CRX_INSTALL\service_worker_bin_prod.js

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    File Type:ASCII text, with very long lines (4982)
                                    Category:dropped
                                    Size (bytes):133385
                                    Entropy (8bit):5.419307384283421
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:D47E43B89EDCE51BC01FA656962401FE
                                    SHA1:8CDC456964CFBCC7CA62E58D6258C8535B48D980
                                    SHA-256:7E2AA9557DB237EE59473F8079197E4DE851F8FADDF3575BC345CBDE6AA49DFC
                                    SHA-512:548B6D023154D4404567E331FFDD7A740D6144924FD489E2D7FDA4A18DB94C67BBC493B72058E92878B8D2D1A8CBE58BF4AE7C5F73D7B3BBE6909C8E78BB828F
                                    Malicious:false
                                    Reputation:unknown
                                    Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var p;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                    C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                    File Type:Microsoft Outlook email folder (>=2003)
                                    Category:dropped
                                    Size (bytes):271360
                                    Entropy (8bit):3.0870585839123654
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:F57A2C4817BA3B8609980F320DA2AE1E
                                    SHA1:D6447E6B03B6DBA840E7F28FFD20A1F243BDB9C8
                                    SHA-256:17D13BB8D40A9A215AB7311E1A9B94363B365317FC6E761678AD5BAE828410F5
                                    SHA-512:52BA880F27766D02267A42A297946E748BE4C7FEA4516BAC695FA6CB8A8619898340F4C98A86F41FEAF9AD1E729BFBE1190328AC99FCEF8B59048817E68191C1
                                    Malicious:true
                                    Reputation:unknown
                                    Preview:!BDN..3.SM......\...............M.......`................@...........@...@...................................@...........................................................................$.......D.......v..............E...............L......................................................................................................................................................................................................................................................................................................:=1Y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                    C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp

                                    Download File
                                    Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                    File Type:data
                                    Category:dropped
                                    Size (bytes):131072
                                    Entropy (8bit):3.8610955267476044
                                    Encrypted:false
                                    SSDEEP:
                                    MD5:3A4822509C575225FD151DFFE83E229B
                                    SHA1:0C5C530B9CC7FCAC0A7A76CABD9A955422C040F4
                                    SHA-256:0B3284996A3727E7C37BB9A36B66A99242A4074D9B5F4AB3E984A7A42055B7B7
                                    SHA-512:45844E02D6AF9B4B4F2946D07D59BB01F3DEA8C4E57DCB8540BDBA734CD070B642645149B259304BD8644A736C08F4DF4C3F1500E60C52CD76479F652E507D9B
                                    Malicious:true
                                    Reputation:unknown
                                    Preview:...0...l............,...........D............#.................g...................................................................................................................................................................?...............................................................................................................................................................................................................................................................................................................................V...D........n.0...m............,...........B............#.........................................................................................................................................................................................................................................................................................................................................................................................................

                                    Static File Info

                                    General

                                    File type:Unicode text, UTF-8 (with BOM) text, with very long lines (304), with CRLF line terminators
                                    Entropy (8bit):5.648924185036376
                                    TrID:
                                    • Text - UTF-8 encoded (3003/1) 100.00%
                                    File name:Message.eml
                                    File size:29'476 bytes
                                    MD5:67daf8d51cd22f497711c123ab99c95c
                                    SHA1:613e03fb61ecfa18bf0498c4fc90824951d9782a
                                    SHA256:0323f875190a1d85f9438547e76ec838fadda1e8e468f1bc1140bd52a9a17ead
                                    SHA512:6f3caa74cc77e4e624e1c76381d83f0c399fb8e88c7e122ad2a1b76a2ec4adf97166d5b461614b3cfcfcc09b32733560be319c800fea140ffac1f3f9b8385043
                                    SSDEEP:384:0nwh+Rmn0oF0DnthkC2vSuz61To/1lKlvrCSg0sDqbvMmWiz:nn0oF0bkC2vSuz61To/1lKYtDTA
                                    TLSH:C6D2A317F3C018518C6B0A206543377DBB7958DA9B3248B4B5DFAB7E0B4DCC7A6C6289
                                    File Content Preview:..."Received: from VI0PR04MB10343.eurprd04.prod.outlook.com (2603:10a6:800:237::9).. by AS4PR04MB9649.eurprd04.prod.outlook.com with HTTPS; Tue, 1 Apr 2025.. 11:36:30 +0000..Received: from CWLP265CA0454.GBRP265.PROD.OUTLOOK.COM (2603:10a6:400:1b7::8).. by

                                    Static Mail

                                    General

                                    Subject:Roquette Payroll & Salary Bonus Distribution, REF ID-93110920
                                    From:Personnel Workforce Hub <info@umail.hinet.net>
                                    To:annie.picart@roquette.com
                                    Cc:
                                    BCC:
                                    Date:Tue, 01 Apr 2025 19:31:52 +0800
                                    Communications:
                                    • Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important CAUTION: This email comes from outside of the organization. Do not click on any link or open attachments unless you recognize the sender and know the content is safe. If you believe it to be suspicious, report using the Report Message button in Outlook or in case of doubt, send to CyberAlert. Document ready for electronic review: 20664917 Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences body,table,td,a{-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%} table,td{mso-table-lspace:0;mso-table-rspace:0} img{-ms-interpolation-mode:bicubic} .sg-import_notice{display:none!important} @media only screen and (max-width:480px){ .sg-container{width:100%!important} .sg-button{width:100%!important;text-align:center!important} .sg-content{padding:20px!important} } Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important CAUTION: This email comes from outside of the organization. Do not click on any link or open attachments unless you recognize the sender and know the content is safe. If you believe it to be suspicious, report using the Report Message button in Outlook or in case of doubt, send to CyberAlert. Document ready for electronic review: 20664917 Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important Vous nobtenez pas souvent de-mail partir de info@umail.hinet.net. Pourquoi cest important Pourquoi cest important https://aka.ms/LearnAboutSenderIdentification CAUTION: This email comes from outside of the organization. Do not click on any link or open attachments unless you recognize the sender and know the content is safe. If you believe it to be suspicious, report using the Report Message button in Outlook or in case of doubt, send to CyberAlert. Document ready for electronic review: 20664917 Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences CAUTION: This email comes from outside of the organization. Do not click on any link or open attachments unless you recognize the sender and know the content is safe. If you believe it to be suspicious, report using the Report Message button in Outlook or in case of doubt, send to CyberAlert. CAUTION: CyberAlert Document ready for electronic review: 20664917 Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Document ready for electronic review: 20664917 Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Docu-Sign Electronic Agreement Docu-Sign Electronic Agreement Docu-Sign Electronic Agreement A document is ready for your review Please complete this step within 24 hours Review Document A document is ready for your review Please complete this step within 24 hours Review Document A document is ready for your review Please complete this step within 24 hours Review Document A document is ready for your review Please complete this step within 24 hours Review Document A document is ready for your review Please complete this step within 24 hours A document is ready for your review Please complete this step within 24 hours A document is ready for your review Please complete this step within 24 hours Review Document Review Document Review Document https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect.checkpoint.com%2Fv2%2Fr02%2F___https%3A%2F%2Flsems.gravityzone.bitdefender.com%2FxhfsdfMW5hMR*~*QDb8SERyf7Kpg76m37bziMOmf7Su4H%2Fog75AU8ZcfMW5hMR*~*OYOLOYOL416mf1Bzf1W9fLcy4X%2FogDZDWrRqRp4qXsiKi50Li1mYV0KGYpWZi5x5WZO9RYG84Zu7iZKoj0K%2FV0NyZIKs3YSDSqGzXEWPSMWPh7C7h7Kt3YqNjKuw4MO83D6wZ5BDR7C8ZpqSXoGPV8m*~*YMq7gL%2Fy1Mm4W5iZZs08g5Wp36KKWZSYhKJDV8i4gEWIWqi341uPirOQX6m1SM0*~*27yqi8O8W10GXH6Zi00*~*1s0fi8umjLqDi5B9S6cEhq0IRZ%2FsXYl9jr95R506Vpmn28mKS1y7gKiY2E0oZEmQ0rK9SomV37Wug2GkTMSrVr48VZKGZKckh7yATKWsOrZc1MqyfqKngpc4S555S5KIf5u74YWNfIKQZEmxRpyAgZRr370qU1WyXsGog0OG3qi9frOuS1u4ZY5cdH7a%2FcbJHcIIHI5G968FbHa99GaKF9%2F6c*~*bHF5GH9b5ba7GGc%2F*~*Jc*~*aHKKHJ9bGa8%3Fh%3D6%26fru%3Bn%3D6%26fru%3Bithx%3D6___.YzJlOmdhbmdzdGVyOmM6bzo1ODIxNzI4NDUwZDc4MGU0OGZkYTIyYjM3ZTM1ZDEyOTo3OjNmYmY6ZTQ3YjcxMTFjMTA4NzkwZjI4Njk4OGJiYTAwOWEyZGVmODIyM2Q3YzliMWFjNWYzOGU1NmEyMDJlZGE4N2U2NTpoOlQ6VA&data=05%7C02%7Cannie.picart%40roquette.com%7Cd3382e1c0a174b8512b008dd711157df%7C1c81ebf96e524cf8b2c4a3b65e90edf9%7C0%7C0%7C638791041910776261%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C60000%7C%7C%7C&sdata=a%2FR6NtdndmlCz9gOgnbVS8UyN6MUIL0v7kNJohK%2F47g%3D&reserved=0 Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Document for: annie.picart@roquette.com Reference: 20664917 This request will expire after 24 hours. Electronic signature service provided securely. Roquette 2025-04-01 Privacy Policy | Notification Preferences Roquette 2025-04-01 Privacy Policy | Notification Preferences Roquette 2025-04-01 Privacy Policy | Notification Preferences Roquette 2025-04-01 Privacy Policy | Notification Preferences Roquette 2025-04-01 Privacy Policy | Notification Preferences Roquette 2025-04-01 Privacy Policy | Notification Preferences Roquette 2025-04-01 Privacy Policy | Notification Preferences Privacy Policy # Notification Preferences #
                                    Attachments:
                                      Key Value
                                      "Receivedfrom VI0PR04MB10343.eurprd04.prod.outlook.com (2603:10a6:800:237::9) by AS4PR04MB9649.eurprd04.prod.outlook.com with HTTPS; Tue, 1 Apr 2025 11:36:30 +0000
                                      Receivedfrom bangle1.us-east4-b.c.melodic-subject-455100-e3.internal. (1-160-1-210.dynamic-ip.hinet.net [1.160.1.210]) by msr19.hinet.net (8.15.2/8.15.2) with ESMTP id 531BVqLN028468 for <annie.picart@roquette.com>; Tue, 1 Apr 2025 19:31:53 +0800
                                      Authentication-Resultsspf=neutral (sender IP is 168.95.7.122) smtp.mailfrom=umail.hinet.net; dkim=fail (body hash did not verify) header.d=umail.hinet.net;dmarc=none action=none header.from=umail.hinet.net;compauth=pass reason=105
                                      Received-SPFNeutral (protection.outlook.com: 168.95.7.122 is neither permitted nor denied by domain of umail.hinet.net)
                                      DKIM-Signaturev=1; a=rsa-sha256; c=relaxed/relaxed; d=umail.hinet.net; s=default; t=1743507114; bh=0wOzHI57mj05/u9DWdhi6p57DpU/cYwJoJ3vPcdAgHQ=; h=From:To:Subject; b=Ff/WpQQixztW2+iFtmbddb+DOP7DnDk1eliLhvMPnOLeq9hGSAH4LQz5vmsgQRKSA an89Pb5mBGVIyONucgpv9vnZI3jAj5lmdgnE8Tyzyx9O2ixTC4ikqemw/McEjSauQt 4RN/8j7xkKhfRWFnD3zGfsGMc70Eo+GCm9+Wz0U4=
                                      DateTue, 01 Apr 2025 19:31:52 +0800
                                      Message-ID<202504011131.531BVqLN028468@msr19.hinet.net>
                                      Content-Typemultipart/mixed; boundary="===============1215088414157595732=="
                                      FromPersonnel Workforce Hub <info@umail.hinet.net>
                                      Toannie.picart@roquette.com
                                      SubjectRoquette Payroll & Salary Bonus Distribution, REF ID-93110920
                                      X-HiNet-BrightmailSpam
                                      X-CMAE-Score96
                                      X-CMAE-Analysisv=2.4 cv=DORKXwBb c=1 sm=1 tr=0 ts=67ebceab p=cVoWysvEkVj--0QV:21 a=n3/0v0eMRr2x33II0fx65A==:117 a=n3/0v0eMRr2x33II0fx65A==:17 a=HpEJnUlJZJkA:10 a=DBwwDor5xuMA:10 a=SSmOFEACAAAA:8 a=6WQS3RXxAAAA:8 a=oP8baBYZAAAA:8 a=jGSmM5_jAAAA:8 a=tNp8S2D5zSDoDPSC5jgA:9 a=frz4AuCg-hUA:10 a=_W_S_7VecoQA:10 a=lqcHg5cX4UMA:10 a=r-HJ9bD__24A:10 a=CjuIK1q_8ugA:10 a=s_KHD6aHcoUgXWm27CaZ:22 a=ImwWUX5h3JJ3gRE9moBe:22 a=QRQtw5rIidgxVgm1yNxs:22
                                      Return-Pathinfo@umail.hinet.net
                                      X-MS-Exchange-Organization-ExpirationStartTime01 Apr 2025 11:35:45.9098 (UTC)
                                      X-MS-Exchange-Organization-ExpirationStartTimeReasonOriginalSubmit
                                      X-MS-Exchange-Organization-ExpirationInterval1:00:00:00.0000000
                                      X-MS-Exchange-Organization-ExpirationIntervalReasonOriginalSubmit
                                      X-MS-Exchange-Organization-Network-Message-Idd3382e1c-0a17-4b85-12b0-08dd711157df
                                      X-EOPAttributedMessage0
                                      X-EOPTenantAttributedMessage1c81ebf9-6e52-4cf8-b2c4-a3b65e90edf9:0
                                      X-MS-Exchange-Organization-MessageDirectionalityIncoming
                                      X-MS-PublicTrafficTypeEmail
                                      X-MS-TrafficTypeDiagnosticAM3PEPF0000A79B:EE_|VI0PR04MB10343:EE_|AS4PR04MB9649:EE_
                                      X-MS-Exchange-Organization-AuthSourceAM3PEPF0000A79B.eurprd04.prod.outlook.com
                                      X-MS-Exchange-Organization-AuthAsAnonymous
                                      X-MS-Office365-Filtering-Correlation-Idd3382e1c-0a17-4b85-12b0-08dd711157df
                                      X-MS-Exchange-AtpMessagePropertiesSA|SL
                                      X-MS-Exchange-Organization-SCL1
                                      X-Microsoft-AntispamBCL:0;ARA:13230040|2092899012|12012899012|5073199012|4073199012|27102699006|31052699007|4076899003|7053199007|8096899003|43540500003;
                                      X-Forefront-Antispam-ReportCIP:168.95.7.122;CTRY:TW;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:dmsr2.hinet.net;PTR:dmsr2.hinet.net;CAT:NONE;SFTY:9.25;SFS:(13230040)(2092899012)(12012899012)(5073199012)(4073199012)(27102699006)(31052699007)(4076899003)(7053199007)(8096899003)(43540500003);DIR:INB;SFTY:9.25;
                                      X-MS-Exchange-CrossTenant-OriginalArrivalTime01 Apr 2025 11:35:45.1754 (UTC)
                                      X-MS-Exchange-CrossTenant-Network-Message-Idd3382e1c-0a17-4b85-12b0-08dd711157df
                                      X-MS-Exchange-CrossTenant-Id1c81ebf9-6e52-4cf8-b2c4-a3b65e90edf9
                                      X-MS-Exchange-CrossTenant-AuthSourceAM3PEPF0000A79B.eurprd04.prod.outlook.com
                                      X-MS-Exchange-CrossTenant-AuthAsAnonymous
                                      X-MS-Exchange-CrossTenant-FromEntityHeaderInternet
                                      X-MS-Exchange-Transport-CrossTenantHeadersStampedVI0PR04MB10343
                                      X-MS-Exchange-Transport-EndToEndLatency00:00:45.6911022
                                      X-MS-Exchange-Processed-By-BccFoldering15.20.8534.033
                                      X-Microsoft-Antispam-Mailbox-Delivery ucf:0;jmr:0;auth:0;dest:I;ENG:(910005)(944506478)(944626604)(4710137)(4712040)(4999040)(920097)(930097)(140003)(1420198);
                                      X-Microsoft-Antispam-Message-Info 8Hc1tqa5HH+idQueytr2tH/mV0LP32MP70ljzGcu/q0ouT06oiU/qMfpYw/iLBBw1fOWoVuYJg7kLX9t+P4Aljgth0tS0v+5LBTt/zHKt4hV0KccAuKSiSycMbMy7fGWcdz5kYT3c6EDQPTgmXv+p8jZqFS/k4dJMHNWZCYuBgEFOwX35wchUMerP98WBnWmVXvcWvLVFm3oYAqsiro9+NBcWKzXcEwcdwfQ1tfaGyXfcdM2VbRWQ3bHfuSktyfY9MYtq8TzLimsMdydzNJ8bBaAwK/wYaQgkx7/9r9LstxBJyfp2n/KS0QerazbiQ5VOD2TltnzaZGMJ/q+ACtRFfS3qygNCyLLNe6RBCALxbIeO44pH/376ruZhhOmOFgFav/9kY83zVNyB0pvE76gvrr96TRPqF25PKsD1nroJoprK10B28ZS9dpxE3CAicxcHrMTdLj76CIwYlE4wjH6JV6/gYOW8aPfhDM8HrDieWuU7fMUhSbYOx/xW7mFccjFxoE1IZoZr900JAVHoFM2pruQ4DYeT+xfHwb0ln7aBUsww73w/ONlMUa2+HoxkY9PYnPr5Zo8JtSu+Vom5ieqR0eiNUfQXY7QDO5bg24B7wBPr+2ggAQViAktRcXjFMXjhOBZttjaaTprelCML4SSnbgCW9v/+QZ/OES+qKgpP1fPBaQ83SN7ujzEZiyiKsm6ZgsCTpyCShWob54A1ViLLUHCabEQF2/6HOOWYzFcmokTNmwGi1pdLI/RWH7yUF3VYP6yIW1Tsbv2P6C8ufDS5KFBjR+uEh3R3uqCYsi/y/HV4EhfSYfcuTBPJKN592OfHfCMd8hDubopwgyob6PWP2X7L3wKz0fs+MF2t1qyTDnpxWf4cFQJvQjT/BRd3rZ5xUmfkNxIDoLWxj0YvzqQMkXa6EbVDmKf3yeLlRJPbFiXm9bL8XUm+bMy2xj8pIA3PyDPobKU0FTpabqeWZFZ7UA75+O+ZeIklD0Tj6bPT9nS3D48CSu1hiF0tyPFQpWa7OcBGyQDtBC/xKKdgb/W+J2IYKd7eiNfgaehlEZmumYn+NpsxhSFc9u5IDyQSuwjHBuGNgmveP5etuWimXpfLzkmFCmKaDyF6l29F1reRWkOOpQvX1zNYmkJOAdbHzjMR/voDh0MndOHDC+7v8LjCIFUIH1c80IemPlFHkDXWGFr6C8jq3/iJmZ2a5N/zkxu/drThklGmLRpeDcn0jr8+KFUKPmydoIWjmyUSIYAx2lk0fNteJ1N6dIRe89jbfvrJ5MdAH6g00PpdEfknUqX68yYRqWDZbCrLr8sawRzk/tn+vLaQa2u+SPJUtbFYt0DS5mE/xlRmHL4QLXechdyg62Fl9MKHte78AkbZl7bi405PoB/QPHwjx422L3RQLqp+sZ5vECbWxXw3pLyA6EPDwbghhM5UzyWqTM+3YTrPjb0ioHr+PzhjMdiKvcjO9EsJeQK2mVzK1D0unHe/CSDX83+h9DOtpo6Az5RudzODjWw4GavnhrZjsHyXTAuVJxs7H1CetA5cJDkjbk+7PSVFusV68ZB5cs+lfbhu+0xDeVbKumqIVKA/QrrfLMrIGYLU+y889U96lLZuQmpDUnf90KCaQinEMXU64kMsxnKzyxsTCjG4hlTHrtLINOqDr6aCPHCcmCS2F2Wrtb51WxcHYIqB84EQw2T50sVmpoEAw4S4V7Z9dYZJqagtQ1QlQoxHG5YbbKwj+pvhZyBo2U48aKsc3W3HJGQ9NYBikkiLTsmAvYewTA9zxdJdOo7vjWmau0dtyYmJdzgU63yqOTIWzLZGWvERpnuX6uIzx0lLb/6bP4QaS+VOeTXc2P/hcUaPHdntYM1oXoaYQhfHvod6QgNgeATsD3yoFyXPC+S6nW8nRWh6vcuSXHbCbRVtGoRF55DPqUvcIkYDX45qcDxoLEtibgh2aQHlUHOFz29if1R+9e3qMBwVa7sN9SYalNxj1DslA4EG9ni4ipNNnO5cyS1qUgxi4kBYIooUl0SHDjuF0UJmhDL69HgrLsrWltCfNLbA8sERCTWeQfk5+AMu0s5J5hwxXgNcaBFzwwmviHn8vvt+IFZvsC9Iu186fMXdaAWZ9w5Nkl4g8AjBwZ2+AyfBmnflEmCR+wnopg6JtGOjdKjuxX0Hi7ZhFNbJhXcpSHk/q/oEZjZlox1/RUEDg6vAzzwY3wt9W2TnSNzPDbirlxykcGzGvycD0/6EjLA39tVlXW3+fI823QSMU9BNg==
                                      MIME-Version1.0

                                      File Icon

                                      Icon Hash:46070c0a8e0c67d6