Windows Analysis Report
BrowserUpdateTool.exe

Overview

General Information

Sample name:	BrowserUpdateTool.exe
Analysis ID:	1501393
MD5:	9e89fefaa6e3d99c3824d5e68dc8d3a2
SHA1:	d11ea624bdc348af474128d338f012b7caf4b2d3
SHA256:	162e4277a4cb2e3703df74529d83d47b66a5b46b0a93b3ac902b56da3e588fe9
Tags:	ClickFixexe
Infos:

Detection

Score:	19
Range:	0 - 100
Whitelisted:	false
Confidence:	40%

Signatures

Found strings related to Crypto-Mining

Creates a process in suspended mode (likely to inject code)

IP address seen in connection with other malware

Installs a raw input device (often for capturing keystrokes)

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

PE file contains executable resources (Code or Archives)

PE file contains more sections than normal

PE file contains sections with non-standard names

Queries keyboard layouts

Queries the volume information (name, serial number etc) of a device

Sample file is different than original file name gathered from version info

Uses a known web browser user agent for HTTP communication

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Signatures

Bitcoin Miner

Found strings related to Crypto-Mining

Source: msedgewebview2.exe, 00000002.00000002.2934535244.00004C640304C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: jsecoin.com/
Source: msedgewebview2.exe, 00000002.00000002.2934535244.00004C640304C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: coinhive.com/

Source: BrowserUpdateTool.exe

Static PE information: certificate valid

Source: BrowserUpdateTool.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: MpGear.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdbSHA256C source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdbH source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: Microsoft.CodeAnalysis.CSharp.ni.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MpGear.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: output file name with .pdb extension) source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdbOGPS source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\3ac53f57-dfab-444d-a69f-4fabb3044db1.tmp	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\	Jump to behavior

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox View	IP Address: 185.199.111.133 185.199.111.133
Source: Joe Sandbox View	IP Address: 172.64.41.3 172.64.41.3
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137

Uses a known web browser user agent for HTTP communication

Source: global traffic	HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveAccept: /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /n3r4zzurr0/svg-spinners/main/preview/90-ring-with-bg-black-36.svg HTTP/1.1Host: raw.githubusercontent.comConnection: keep-aliveAccept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveAccept: /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /n3r4zzurr0/svg-spinners/main/preview/90-ring-with-bg-black-36.svg HTTP/1.1Host: raw.githubusercontent.comConnection: keep-aliveAccept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8

Source: msedgewebview2.exe, 00000002.00000002.2937017514.00004C64036F0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: ?www.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.2937165871.00004C6403724000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: dLwww.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000008.00000003.1682298933.00004C18008A4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344807362.00004C18008A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1676983955.00004C18008A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://microsoftstart.msn.cn/https://rewards.microsoft.com/https://www.microsoftnews.com/https://www.facebook.com/www.staging-bing-int.comaction.getBadgeTextColorbrowserAction.openPopupmanifest:browser_action@ equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.2930853182.00004C64026B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1682298933.00004C18008A4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344807362.00004C18008A8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.facebook.com/* equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.2927782050.00004C64022D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2937165871.00004C6403724000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2937017514.00004C64036F0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: raw.githubusercontent.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: 198.187.3.20.in-addr.arpa

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://.ocx.cabhtml:file::LowTelemetry
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1423136
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2162
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2517
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2970
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2970r
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3078
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3078P
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3205
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3205c
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3206
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3452
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3452Q
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3498
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3498n
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3502
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3502W
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3577
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3584
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3586
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3586i
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934760720.00004C64030D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919224282.00000A74000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3623
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934760720.00004C64030D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919224282.00000A74000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3624
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934760720.00004C64030D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919224282.00000A74000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3625
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3832
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3862
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3965
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3970
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4324
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4324y
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4384
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4405
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4428
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4428B
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4551
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4633
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4633=
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722X
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4836
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4901
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4901T
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4937
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4937Z
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5055
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5061
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5061(
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5281
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5371
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5375
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5375S
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5421
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5430
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5535
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5881
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5881&
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5901
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/59013
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5906
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5906#
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5906.
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/59061
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6048
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6141
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6248
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6439
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6651
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6692
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6755
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6755g
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6860
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/68605
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6876
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6876R
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6878
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6929
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6929H
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6953
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930294080.00004C64025DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7036
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7047
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7047:
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7172
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7279
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7370
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7370o
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7406
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7406;
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7488
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7553
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7556
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7724
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7760
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7761
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8162
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8162K
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8215
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8215O
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8229
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8229Y
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8280
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crl01
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crlhttp://crl.dhimyotis.com/certignarootca.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001EA000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl091
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crlEntrust.net
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl=
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/STCA.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001EA000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crlGo
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://earth.google.com/kml/2.0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://earth.google.com/kml/2.1
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://earth.google.com/kml/2.2
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://issuetracker.google.com/200067929
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.accv.es
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.accv.es0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.accv.esTWCA
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://onsi.github.io/ginkgo/#%s
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://playinfo.gomlab.com/ending_browser.gom?product=GOMPLAYER
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C00083A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://repository.swisssign.com/0
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
Source: BrowserUpdateTool.exe, 00000000.00000002.2929630610.0000619000244000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2930944054.00006190006F8000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929459975.0000619000220000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929518614.0000619000230000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1698629405.00004C640076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934018054.00004C6402E90000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934176396.00004C6402EF8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912053743.0000785800070000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2916085503.000078580023C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911794989.0000785800054000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.2900246129.0000408400024000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp, data_1.6.dr	String found in binary or memory: http://wails.localhost
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933875020.00004C6402E5C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2932491826.00004C6402B84000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933062655.00004C6402C80000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934796071.00004C64030EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679353468.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1698751840.00004C6402450000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929780617.00004C640249F000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933288615.00004C6402D0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.2258233470.00004C64032ED000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930294080.00004C64025DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679285905.00004C640321C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928716071.00004C64023D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679329198.00004C64030E0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934057311.00004C6402EA4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930853182.00004C64026B4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/
Source: msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934796071.00004C64030EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679329198.00004C64030E0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost//newsbar
Source: msedgewebview2.exe, 00000002.00000002.2934796071.00004C64030EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679329198.00004C64030E0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/83a6a7c59200
Source: msedgewebview2.exe, 00000002.00000002.2931825028.00004C6402AA0000.00000004.00000800.00020000.00000000.sdmp, History.2.dr	String found in binary or memory: http://wails.localhost/Browser
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/Char
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/CharB
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/CharX
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/Internal
Source: msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929629224.00004C6402460000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/Ld
Source: msedgewebview2.exe, 00000002.00000002.2933875020.00004C6402E5C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/P
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/TranslateMessageDispatchMessageWUser-Agent
Source: msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929629224.00004C6402460000.00000004.00000800.00020000.00000000.sdmp, ce7a59cbee8b4379_0.2.dr	String found in binary or memory: http://wails.localhost/assets/index.25ad37ba.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8BD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/brave.svga
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/brave.svghttp://wails.localhost/brave.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome-beta.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome-beta.svghttp://wails.localhost/chromium.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome.svgs
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1696087200.000078580038C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chromium.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chromium.svgbackend.App.GetBrowsers-2302447986
Source: BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8BD000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/edge.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/edge.svghttp://wails.localhost/edge.svg
Source: msedgewebview2.exe, 00000002.00000002.2933875020.00004C6402E5C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/erPolicy
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8BD000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2932491826.00004C6402B84000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933654153.00004C6402DD0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934176396.00004C6402EF8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2931941203.00004C6402ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2098078642.00004C1801500000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.ico
Source: msedgewebview2.exe, 00000002.00000002.2933654153.00004C6402DD0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2931941203.00004C6402ABC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.ico2
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.icoInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2930356511.00006190002D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.icofmethodcGETgheaders
Source: BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/firefox.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/firefox.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/http://wails.localhost/
Source: msedgewebview2.exe, 00000002.00000002.2933288615.00004C6402D0C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/ipe
Source: BrowserUpdateTool.exe, 00000000.00000002.2930356511.00006190002D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928028384.00004C6402328000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/jUser-Agentx
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC834000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/n
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera-gx.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera-gx.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera-gx.svghttp://wails.localhost/chrome-beta.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera.svghttp://wails.localhost/opera.svg
Source: msedgewebview2.exe, 00000002.00000002.2932491826.00004C6402B84000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/oratorOnPMSequenceify
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/pW%
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://wails.localhost/runtime.WindowReload();msSmartScreenProtectiononly
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/w
Source: msedgewebview2.exe, 00000002.00000003.1679353468.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/wails/ipc.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933288615.00004C6402D0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679285905.00004C640321C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930853182.00004C64026B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2932372135.00004C6402B4C000.00000004.00000800.00020000.00000000.sdmp, 1afe9cacc9803fd2_0.2.dr	String found in binary or memory: http://wails.localhost/wails/runtime.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/wails/runtime.jsInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/wails/runtime.jshttp://wails.localhost/assets/index.25ad37ba.jsInternal
Source: msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/windows/newsbar
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost:80
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhostpW%
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.4399.com/flash/32979.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.4399.com/flash/48399.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.4399.com/flash/seer.htm
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0B1
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/legislacion_c.htm0U
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es00
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000B18000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.cert.fnmt.es/dpcs/0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000436000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.collada.org/2005/11/COLLADASchema
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0000A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.firmaprofesional.com/cps0
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.garmin.com/xmlschemas/TrainingCenterDatabase/v2
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=webreferrerEvalError
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd%v:
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.opengis.net/gml
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.opengis.net/gml/3.2
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.opengis.net/gml/3.3/exr
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.opengis.net/kml/2.2
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C00083A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.quovadis.bm0
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0000A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.quovadisglobal.com/cps0
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.topografix.com/GPX/1/1
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://If-MatchInfinityCancelIotext/xmltext/csv.geojsontext/rtftext/vtttext/rssfont/ttffont/otf.tor
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4830
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4966
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/5845
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/6574
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7161
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7162
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7246
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7308
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7308E
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7319
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7319h
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7320
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7369
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/73697
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7369F
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7369J
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7382
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/73826
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7489
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7604
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7714
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7847
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7899
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://api.cloudflare.com/client/v4
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://azureedge.net/
Source: msedgewebview2.exe, 00000002.00000002.2930420867.00004C640260C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://baduk.hangame.com/?utm_source=baduk&utm_medium=icon&utm_campaign=shortcut
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.edog.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.int.designerapp.osi.office.net/
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DB8000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675867905.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675759587.0000619000644000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1677666100.0000019BCC890000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675914297.00006190006D0000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675288454.00006190006B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675450421.000061900067C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675124142.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675815983.000061900060C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000D88000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000942000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675192944.00006190003B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675221871.00006190003B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1677371751.00004C64032A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928716071.00004C64023D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1677415384.00004C640328C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929629224.00004C6402460000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1677476928.00004C6403238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://code.jquery.com/jquery-3.7.1.min.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://code.jquery.com/jquery-3.7.1.min.jshttp://wails.localhost/firefox.svgInternal
Source: msedgewebview2.exe, 00000002.00000002.2932741360.00004C6402BE0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1711111569.00004C6403308000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2913208128.00007858000E4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2270950364.000078580028A000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1708284697.0000785800388000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911794989.0000785800054000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912634435.00007858000CA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2270950364.0000785800288000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1727208342.00007858002AA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1706017081.0000785800388000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1709270172.00004C1800C4C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895998296.000001E782BFD000.00000004.10000000.00040000.00000000.sdmp, data_2.6.dr	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://daringfireball.net/projects/markdown/).
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-dogfood.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-int.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp.azurewebsites.net/
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://doi.org/GetPartitions:
Source: msedgewebview2.exe, 00000002.00000002.2935912672.00004C64032D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929965812.00004C64024C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://edge-conumer-static.azureedge.net/static/edropstatic/2023/09/13/2/static/js/main.2c5481de.js
Source: BrowserUpdateTool.exe, 00000000.00000003.1674672079.0000619000338000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675867905.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674541119.0000619000320000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675759587.0000619000644000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675036155.0000619000350000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001BC000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675914297.00006190006D0000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675288454.00006190006B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675450421.000061900067C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674307964.0000619000314000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675124142.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675815983.000061900060C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000D88000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000942000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675192944.00006190003B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A0E000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674882235.0000619000344000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674647869.000061900032C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675221871.00006190003B4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://esm.run/
Source: BrowserUpdateTool.exe, 00000000.00000002.2930944054.00006190006F8000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929459975.0000619000220000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929518614.0000619000230000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp	String found in binary or memory: https://fonts.googleapis.com/
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C5C000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC834000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2298208397.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685248498.00004C1800788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685095470.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Roboto:wght
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8C4000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2https://fonts.gstatic.com/s/rob
Source: msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC87D000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2https://fonts.gstatic.com/s/roboto/
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EFD3C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://github.com/dotnet/roslyn
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://github.com/go-sql-driver/mysql/wiki/strict-modeChannel
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000071000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md#deprecated-cli-app-action-signature
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000071000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md#deprecated-cli-app-action-signatureC:
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md#deprecated-cli-app-action-signatureMozilla
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000071000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/master/CHANGELOG.md#deprecated-cli-app-action-signature
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/master/CHANGELOG.md#deprecated-cli-app-action-signaturewindow.wai
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://google.com/
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://gorm.io/docs/hooks.htmlAn
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://hao123-static.cdn.bcebos.com/manual-res/jump_index.html
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000308000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcrede/v1/projects/-/s:generateAccessT-.09AZ__az-.09AZ__az-.09AZ__az-.09AZ__az-.09AZ__az-.
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C00045E000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcredentials./v1/projects/-/serviceAccounts/:generateAccessTokenThe
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcredentials.X-Appengine-Api-TicketX-Google-DappertraceinfoX-Appengine-User-IpX-Appengine-
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcredentials.X-Appengine-Current-NamespaceX-Google-Rpc-Service-EndpointX-Google-Rpc-Servic
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/161903006
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/166809097
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/184850002
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/187425444
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/220069903
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/229267970
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/250706693
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/253522366
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/255411748
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/258207403
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/274859104
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/284462263
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934725094.00004C64030C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918348926.00000A7400024000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: msedgewebview2.exe, 00000002.00000002.2927305335.00004C6402258000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2914587041.0000019D050F4000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2919197827.0000019D0B932000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://login.microsoftonline.com/google.protobuf.Struct.FieldsEntryccm:
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://login.microsoftonline.us/cockroach.errorspb.EncodedWrappercockroach.errorspb.StringsPayload&
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://msn.com/
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://news.4399.com/aoyazhiguang/
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ocsp.quovadisoffshore.com
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C00083A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ocsp.quovadisoffshore.com0
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://office.net/
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://onsi.github.io/gomega/#adjusting-output
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://onsi.github.io/gomega/#eventually
Source: msedgewebview2.exe, 00000002.00000002.2932952723.00004C6402C3C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2916085503.000078580023C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/
Source: msedgewebview2.exe, 00000002.00000002.2932251345.00004C6402B1C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/Logout?source=ChromiumBrowser&continue=https://permanently-remov
Source: msedgewebview2.exe, 00000002.00000002.2927305335.00004C6402258000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB
Source: msedgewebview2.exe, 00000002.00000002.2930794775.00004C64026A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/v1:GetHints
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001A2000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1691619209.000078580038C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2298208397.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1709270172.00004C1800C4C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685248498.00004C1800788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685095470.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://raw.githubusercontent.com/n3r4zzurr0/svg-spinners/main/preview/90-ring-with-bg-black-36.svg
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/100030_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/10305_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/10379.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/10379_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/107884_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/109832_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/110975_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/112689_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/115339_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/117227_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/117945_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/118852_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/122099_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/12669_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/127539_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/130389_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/130396.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/130396_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/132028.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/133630_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/134302_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/136516_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/137116_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/137953_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/1382_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/145991_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/151915_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/155283_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/155476_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/15548_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/160944_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/163478_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/171322_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/173634_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/177937_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/17801_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/18012.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/18012_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/180977_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/18169_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/187040_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/187228_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/188593.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/188739_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/189558_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/195673_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/195673_4.htmhttps://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/195990_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/198491_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/198637_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/198660_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/199408_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202061_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202574_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202604_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202692_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202724_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202785.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202819_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202828_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202901_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202907_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202911_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203018_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203093_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203152.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203153_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203154.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203166_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203178_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203215_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203231_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203369_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203371_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203404_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203453_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203476_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203481_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203495_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203515_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203564_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203682_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203768_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204044_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204056_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204206.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204255_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204290_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204422_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204429_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204562_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204650_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204685_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204886_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204926_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204952_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204989_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205090_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205147.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205165.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205182.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205235_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205325_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205341_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205462_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205536_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205551_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205845_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/206114_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/206724_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/206724_3.htmhttps://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/207195_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/207717_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/208107_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/209567_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/210650_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/212767_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/21552_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/216417_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/21674_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217370_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217603_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217622_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217629_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217706_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217815_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217844_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217855_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217926_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218066_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218162_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218717_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218860_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218939_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/220266_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/221162_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/221700_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/221839_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/222061_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/222151_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/222442_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/22287_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/223745.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/223745_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/225193_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/227465_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/230446_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/231814_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/27924.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/27924_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/32979_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/35538.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/35538_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/3881_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/3883_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/39379_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/40779_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/41193_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/42760_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/43689_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/43841_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/47931_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/48272_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/48504.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/48504_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/55146_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/59227_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/60369_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/6232_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/63805_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/65731_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/69112_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/69156_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/93398_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/93551_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/yzzrhj.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/zmhj.htm
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/zmhj.htm#search3-6407
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.apple.com/appleca/0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928028384.00004C6402328000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.catcert.net/verarrel
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.catcert.net/verarrel05
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC1F9000.00000008.00000001.01000000.00000003.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cloud-platform
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cloud-platform.read-only
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC1F9000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/datastoreB
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/devstorage.full_control
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/devstorage.read_only
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/devstorage.read_writeB
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.ludashi.com/cms/server/monitor.php?id=
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, Top Sites.2.dr	String found in binary or memory: https://www.office.com/
Source: msedgewebview2.exe, 00000002.00000002.2936057775.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp, Top Sites.2.dr	String found in binary or memory: https://www.office.com/Office
Source: msedgewebview2.exe, 00000002.00000002.2936057775.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/Office8
Source: msedgewebview2.exe, 00000002.00000002.2936057775.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/OfficeeEATE
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/wdL
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.so.com/s?ie=
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://wwww.certigna.fr/autorites/0m

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Installs a raw input device (often for capturing keystrokes)

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: GetRawInputData

memstr_396dedc1-7

PE file contains executable resources (Code or Archives)

Source: BrowserUpdateTool.exe	Static PE information: Resource name: BINARY type: PE32+ executable (DLL) (console) x86-64, for MS Windows
Source: BrowserUpdateTool.exe	Static PE information: Resource name: BINARY type: PE32+ executable (DLL) (console) x86-64, for MS Windows
Source: BrowserUpdateTool.exe	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows

PE file contains more sections than normal

Source: BrowserUpdateTool.exe

Static PE information: Number of sections : 12 > 10

Sample file is different than original file name gathered from version info

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMsMpEngCP.exeZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMsMpEngSvc.dllZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenamempengine.dllZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMpGear.dllZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMicrosoft.CodeAnalysis.CSharp.dll\ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameKSLD.sysZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilename vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: \Unknown member: doshdr.%spevars not availableUnknown member: pehdr.%sInvalid index in DataDirectory: %dInvalid index in opclog: %dInvalid index in fopclog2: %dInvalid index in epcode: %dInvalid index in fopclog: %dUnknown member: peattributes.%sInvalid section %d or bigger than NumberOfSection=%d!__mmap_ex() failedpe_fofs_to_mofs failed!__mmap_ex(%d) failedmmap_patch(): buffer is emptymmap_patch_buff() failedpe_mofs_to_fofs(%d) failedUfsSeekRead(%d) failedImageName is NULLStringCchCopyA failedFileDescriptionInternalNameCompanyNamepe.get_versioninfo() failed to create the StringVersionIterator: %sInvalid sigattr_head indexpe.vm_search: mask_size != buffer_sizeInvalid index in netmetadata.tokens: %dpe.get_fixedversioninfo() failed to create the StringVersionIterator: %sFileVersionFileTypeFileSubtypeFileDateOriginalFilenameProductVersionFileFlagsMaskFileFlagsFileOSpe.metadata_decode: decode failed for 0x%xInvalid index in v->imps: %dfnrvape.metadata_decode: Invalid field index %d (should be 1-based)9m vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: ClearOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: $OFNAllowIdenticalNamesClearOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: mZOriginalFileNameMaintenanceWindow vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: mZOriginalFileNameMaintenanceWindowprocessed%zd files in Moac, %zd skipped (cached), %zd filename setOriginalFileName Maintenance:HintENG:OFNPROCESSED:) vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: .?AVCMaintenanceOriginalFileNameTask@@ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameBTR.sysZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameoffreg.dllj% vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameKSLDriver.sysZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: GetOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SetOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: ENG:OFNSET:SetOriginalFileNameProcess:process:// vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFileNameCreatorProcessId<Process ProcessId="%u" ProcessCreationTime="%llu" CreatorProcessId="%u" CreatorProcessCreationTime="%llu" Name="%s" IsExcluded="%u" IsFriendly="%u"> vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SecondParameterBM_RegistryKeyDeleteBM_RegistryKeyRenameBM_RegistryDeleteValueBM_RegistrySetValueBM_OpenFileBM_DeleteFileBM_RegistryKeyCreateBM_FileMetaDataBM_ProcessCreateBM_RawWriteBM_NetworkDetectionBM_ProcessStartBM_NetworkDataSendBM_NetworkConnectBM_RemoteThreadCreateBM_BootSectorChangeBM_Etw_PsSetLoadImageNotifyRoutineBM_EngineInternalBM_Etw_SetEventHookBM_Etw_TerminateProcessBM_ModuleLoadBM_ArDetectionBM_RegistryBlockDeleteBM_RegistryBlockSetBM_Etw_OpenThreadBM_Etw_OpenProcessBM_Etw_RegisterShutdownBM_Etw_RegisterLastShutdownBM_Etw_NtAdjustPrivilegesBM_Etw_RegisterInputDevicesBM_Etw_WriteMemoryBM_Etw_SetThreadContextBM_RegistryBlockReplaceBM_RegistryBlockRestoreBM_DesktopBM_VolumeMountBM_RegistryRestoreBM_Etw_CreateLinkBM_RegistryBlockRenameBM_RegistryReplaceBM_Etw_SetWindowsHookBM_Etw_BlockExploitBM_CreateFolderBM_Etw_GetAsyncKeyStateBM_BlockOpenProcessBM_OpenProcessBM_Etw_CodeInjectionBM_RegistryBlockCreateBM_EnumFolderBM_Etw_WMIExecMethodBM_Etw_OCTAGON_PROCESS_TOKEN_TAMPERING_ENFORCEBM_RenameFolderBM_Etw_DirEnumBM_Etw_AllocVmLocalBM_Etw_WMIActivityNewBM_Etw_ClearLogBM_Etw_OCTAGON_DANGEROUS_DEVICE_PRESENT_AUDITBM_Etw_OCTAGON_DRIVER_DISPATCH_REDIRECTION_AUDITBM_HardLinkFileBM_Etw_OCTAGON_RUNTIME_CI_FAILURE_AUDITBM_Etw_OCTAGON_DANGEROUS_DEVICE_PRESENT_ENFORCEBM_Etw_OCTAGON_DRIVER_DISPATCH_REDIRECTION_ENFORCEBM_Etw_OCTAGON_PROCESS_TOKEN_TAMPERING_AUDITBM_Etw_OCTAGON_RUNTIME_CI_FAILURE_ENFORCEBM_Etw_CredEnumerateBM_Etw_CredReadCredentialsBM_Etw_CredFindBestCredentialBM_Etw_CredReadDomainCredentialsBM_DLPBM_CopyFileBM_Etw_OCTAGON_PROCESS_TAMPERING_AUDITBM_Etw_OCTAGON_PROCESS_TAMPERING_ENFORCEBM_TaintBM_Etw_VaultGetUniqueCredentialBM_Amsi_MatchBM_Amsi_ScanBM_Etw_CredBackupCredentialsBM_Etw_CredReadByTokenHandleBM_Etw_VaultEnumerateCredentialsBM_Etw_VaultFindCredentialsBM_Etw_LogonFailureBM_Etw_LogonSuccessBM_Etw_AccountPasswordChangedBM_Etw_UserAccountChangedBM_Etw_BITSCreateBM_Etw_LDAPSearchBM_Etw_ScheduledTaskUpdateBM_Etw_ScheduledTaskCreateBM_Etw_ExploitProtectionBM_Etw_UserAccountCreatedBM_Network_VolumeBM_Network_PortOpenBM_Etw_HiveHistoryClearBM_Etw_AccountPasswordResetBM_SignatureTriggerBM_OriginalFileNameBM_Etw_UnloadDriverBM_Etw_LoadDriverBM_Etw_UnloadDeviceBM_Etw_LoadDeviceBM_Etw_ResumeThreadBM_Etw_SuspendThreadBM_Etw_ResumeProcessBM_Etw_SuspendProcessBM_Etw_ServiceHostStartedBM_Etw_ServiceChangeAccountInfoBM_Network_FailureBM_Etw_ServiceStartedBM_Etw_ServiceStopBM_Etw_ProtectVmLocalBM_Etw_ServiceChangeBinaryPathBM_Etw_ServiceChangeStartTypeAL""L"%ls""%hS"BM_Etw_AllocVmRemoteBM_Etw_ProtectVmRemoteBM_Etw_V2CodeInjectionBM_Etw_ReadVmRemoteATTR_%08lxSigSeqThreatName{0, %ls, __attr_none__, %ls, %ls}0x%lXError while processing Event, i.e you're missing an event.Error while processing Event: ID = [%d], HR = [%lx]IsPePlusIsPeFileInfoIsPacked vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameCompanyNameCommentsLegalCopyrightProductNameFileDescriptionLegalTrademarksPeStaticCRC3LengthCRC1IatSkipCRC3CRC2CopyrightCommentsArchitectureTrademarksFileVersionPeStaticsEpSecSectionKCRC2KCRC1KCRC3InternalNameFileDescriptionOriginalFileNamePEUnknownx86ia64x64 vs BrowserUpdateTool.exe

Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ED5F7000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: h2EgHM.VbpMsfk

Source: classification engine

Classification label: clean19.mine.winEXE@14/149@9/5

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

File created: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Mutant created: NULL

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

File created: C:\Users\user\AppData\Local\Temp\f89a6234-c655-4792-86ba-7884a20c76f4.tmp

Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

File opened: C:\Windows\system32\ed0b56060be0ad26fb474772af3ea508b402b8615416d4a32c035ed7ca52f20bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Jump to behavior

Source: BrowserUpdateTool.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT 1 FROM SQLITE_MASTER WHERE type=? AND name=? LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FileLowFiAsync(Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp) VALUES(?, ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM ProcessBlockHistory WHERE ProcessPath = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AnomalyInfo(Key, UnbiasedTime) VALUES (?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(13, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM AutoFeatureControl;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT DISTINCT TableName FROM AnomalyTables;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM FileHashes WHERE FileHashes.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM RansomwareDetections;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE %Q.%s SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM NetworkIpFirewallRules;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RollingQueuesValues(EntryTable, EntryKey, EntryValue, InsertTime, ExpireTime) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, VSN, FileID, USN, InstanceTimeStamp, SHA1, MD5, SHA256, LSHASH, LSHASHS, CTPH, PartialCRC1, PartialCRC2, PartialCRC3, KCRC1, KCRC2, KCRC3, KCRC3n FROM FileHashes WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM FileLowFiAsync;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID from RecordIdentifier WHERE Key = ? AND RecordTimeStamp = ? ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SystemFileCache WHERE CleanFileShaHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(6, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(14, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM DynSigRevisions WHERE DynSigRevisions.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? AND TimeStamp = ? ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE RuleId = ? ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(4, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, Name, Capacity, TimeToLive, Mode FROM RollingQueuesTables WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileStartupActions(FilePathHash, FilePath, ActionFlags, ProcessStartCount, FdrFlags, FdrThreatRecordId, EvaluatorThreatRecordId, TrustedInstallerThreatRecordId, LFRThreatRecordId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileActions(FileInfoId, ThreatRecordId, Action) VALUES (?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(5, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, Name, Count, InsertTime, ExpireTime, UpdateTime, ScalarFactor, LinearFactor, DecayInterval, HighCount, LastDecayTime FROM AtomicCounters WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM FolderGuardPaths WHERE UserIdHash = ? LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RansomwareDetections(Key, DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(12, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT CleanFileSha, CleanFileShaHash FROM SystemFileCache WHERE InstanceTimeStamp < ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT PersistId, PersistIdBlob, ExpirationDate FROM AmsiFileCache WHERE ExpirationDate < DateTime(?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO DynSigRevisions(Key, SdnRevision, EsuRevision, BFRevision, EntCertRevision, TamperRevision, AGBlobRevision, BFFileAllowRevision, BFFileBlockRevision, BFCertAllowRevision, BFCertBlockRevision) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, RecordTimeStamp, Generation FROM RecordIdentifier WHERE RecordIdentifier.ID IN (SELECT FileInstance.RecordID from FileInstance WHERE FileInstance.ParentRecordID = ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT RuleAction, RuleId, IsAudit, IsInherited, State FROM BmHipsRuleInfo WHERE ProcessInfoId = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FirewallRuleName, ExpiryTime FROM NetworkIpFirewallRules WHERE ExpiryTime < ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SystemFileCache;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileInfo(NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SdnEx;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(3, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FileInstance(InstanceTimeStamp, RecordID, ScanID, TrackingEnabled, StorageEvent, StorageEventState, ModificationsCount, ParentRecordID, Parent_FileEvent, Parent_FileName, Parent_ProcessID, Remote_ProcessID, FileID, FileName, USN, CreateTime, LastAccessTime, LastWriteTime, Signer, SignerHash, Issuer, SigningTime, MOTW, MOTWFromParent,IsValidCert, CertInvalidDetails, IsCatalogSigned) VALUES(?, ? , ?, ?, ?, ? , ? , ? , ? , ? , ?, ?, ?, ?, ?, ? , ? , ? , ? , ? , ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT EntryTable, EntryKey, EntryValue, InsertTime, ExpireTime FROM RollingQueuesValues WHERE EntryTable = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AtomicCounters(Key, Name, Count, InsertTime, ExpireTime, UpdateTime, ScalarFactor, LinearFactor, DecayInterval, HighCount, LastDecayTime) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Version, Current, LastUpdated FROM SQLiteGlobals WHERE Current = 1 ORDER BY Version DESC ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM AmsiFileCache WHERE AmsiFileCache.PersistId = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AttributeCounts(Key, Name, Count, InsertTime, ExpireTime) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(28, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AttributePersistContext(Key, FilePath, Context, InsertTime, ExpireTime) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE AtomicCounters SET Name = ?, Count = ?, InsertTime = ?, ExpireTime = ?, UpdateTime = ?, ScalarFactor = ?, LinearFactor = ?, DecayInterval = ?, HighCount = ?, LastDecayTime = ?, WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID from File WHERE SHA1 = ? ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO ScanInfo(SigSeq, PersistSigSeq, ProgenitorPersistSigSeq, ScanAgent, NamedAttributes, PeAttributes, SigAttrEvents, ScanReason, WebURL, EngineID, SigSha) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(DISTINCT ProcessPath) FROM ProcessBlockHistory;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM Engine WHERE EngineVersion = ? AND SigVersion = ? ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AmsiFileCache(PersistId, PersistIdBlob, ExpirationDate) VALUES (?, ?, DateTime('now', ?));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AttributePersistContext;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SystemRegistryCache;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(24, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID, NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(11, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RansomwareDetections(Key, DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM RansomwareDetections WHERE InstanceTimeStamp < ?; SELECT Count(1) FROM RansomwareDetections;DELETE FROM RansomwareDetections WHERE Key = ?;SELECT DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces FROM RansomwareDetections WHERE Key = ?;SELECT ID FROM RansomwareDetections WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(31, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileStartupActions(FilePathHash, FilePath, ActionFlags, ProcessStartCount, FdrFlags, FdrThreatRecordId, EvaluatorThreatRecordId, TrustedInstallerThreatRecordId, LFRThreatRecordId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM BmFileStartupActions WHERE BmFileStartupActions.FilePathHash = ?;SELECT Count(1) FROM BmFileStartupActions;SELECT ID FROM BmFileStartupActions WHERE BmFileStartupActions.FilePathHash = ?;SELECT FilePathHash, FilePath, ActionFlags, ProcessStartCount, FdrFlags, FdrThreatRecordId, EvaluatorThreatRecordId, TrustedInstallerThreatRecordId, LFRThreatRecordId FROM BmFileStartupActions WHERE FilePathHash = ?\|
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT InfectedFileSHA, ProcFileId, SystemFilePath, CleanFileSha FROM SystemFileCache WHERE InfectedFileSHAHash = ? OR ProcFileIDSystemFileHash = ? ORDER BY InstanceTimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE RuleId = ? ORDER BY TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory ORDER BY TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? AND TimeStamp = ? ORDER BY TimeStamp DESC;SELECT COUNT(DISTINCT ProcessPath) FROM ProcessBlockHistory;DELETE FROM ProcessBlockHistory;SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory WHERE RuleId = ? GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC LIMIT 1;DELETE FROM ProcessBlockHistory WHERE ProcessPath = ? AND TimeStamp = ?;SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;SELECT ID FROM ProcessBlockHistory WHERE ProcessPath = ?;SELECT COUNT(1) FROM ProcessBlockHistory;DELETE FROM ProcessBlockHistory WHERE TimeStamp < ?;REPLACE INTO ProcessBlockHistory(ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity) VALUES (?, ?, ?, ?, ?, ?, ?, ?);SELECT ProcessPath, TimeStamp FROM ProcessBlockHistory ORDER BY TimeStamp ASC LIMIT 1[3
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM FileLowFiAsync WHERE FileLowFiAsync.Key = ?; DELETE FROM FileLowFiAsync WHERE FileLowFiAsync.Key = ?; SELECT Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp FROM FileLowFiAsync WHERE Key = ?; DELETE FROM FileLowFiAsync WHERE InstanceTimeStamp < ?; SELECT COUNT(1) FROM FileLowFiAsync; INSERT INTO FileLowFiAsync(Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp) VALUES(?, ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM AutoFeatureControl WHERE AutoFeatureControl.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AnomalyTables(Key, TableKey, TableName, KeyName, FirstSeen, LastSeen, UnbiasedMinutes, Value, Order_) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SystemFileCache(InfectedFileSHAHash, InfectedFileSHA, ProcFileIDSystemFileHash, ProcFileId, SystemFilePath, CleanFileSha, CleanFileShaHash, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(16, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(8, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(26, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, TableKey, TableName, KeyName, FirstSeen, LastSeen, UnbiasedMinutes, Value, Order_ FROM AnomalyTables WHERE AnomalyTables.TableKey = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AnomalyTables;
Source: msedgewebview2.exe, 00000002.00000002.2917158670.0000019D09E45000.00000002.00000001.00040000.0000001E.sdmp, Login Data.2.dr	Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(DISTINCT UserIdHash) FROM FolderGuardPaths;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID, PPIDHash, ProcessStartTime, PID, StructVersion, ImageFileName, MonitoringFlags_Flags, MonitoringFlags_VmHardenType, MonitoringFlags_ExemptVmHardenedTypes, CommandLineArgs, HipsInjectionId, FolderGuardId, Flags, LsassReadMemId, MonitoringFlags_Flags2Low, MonitoringFlags_Flags2High FROM BmProcessInfo WHERE PPIDHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AutoFeatureControl(Key, CurrCount, MaxCount, InstanceTimeStamp) VALUES (?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AtomicCounters ORDER BY InsertTime ASC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID, NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;INSERT INTO BmFileActions(FileInfoId, ThreatRecordId, Action) VALUES (?, ?, ?);SELECT ThreatRecordId, Action FROM BmFileActions WHERE FileInfoId == ?;INSERT INTO BmFileInfo(NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;DELETE FROM BmFileActions;DELETE FROM BmFileInfo;SELECT ID FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;SELECT Count(1) FROM BmFileInfo;B
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(20, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT PersistId, PersistIdBlob, ExpirationDate FROM AmsiFileCache WHERE PersistId = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AtomicCounters WHERE AtomicCounters.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(18, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BmProcessInfo WHERE PPIDHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AnomalyInfo;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ValueMapArrayBlob FROM ValueMapArray WHERE Key = ? AND RecordType = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM SystemFileCache WHERE InfectedFileSHAHash = ? OR ProcFileIDSystemFileHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributeCounts WHERE AttributeCounts.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FilePath, Context, InsertTime, ExpireTime FROM AttributePersistContext WHERE Key = ?; SELECT COUNT(1) FROM AttributePersistContext; MpFileStashMaxSizeMpOplocksInSpynetFileSizeLimitMpDisableValidateTrustUseInternalCertFormatMpDisableOSXValidateTrustMpValidateTrustMSIMaxOverlayMpDisableValidateTrustAllowBadCertDirectory%WINDIR%\System32\catroot2%WINDIR%\System32\CatRootMpDisableValidateTrustInternalMachOInfinite loop detected (more that %d instructions executed)PE_SUCCESSPE_END_ENUMERATIONPE_NOMEMORYPE_OVERLAPPINGPE_READPE_WRITEPE_FILEPE_DECOMPRESS_ERRORPE_NOTIMPLEMENTEDPE_UNSUPPORTED_MACHINE_ARCHITECTUREPE_INVALID_SIZEOFOPTIONALHEADERPE_INVALID_OPTIONAL_MAGICPE_INVALID_SIZEOFIMAGEPE_INVALID_IMAGEBASEPE_INVALID_SECTIONALIGNMENTPE_INVALID_FILEALIGNMENTPE_INVALID_DOS_SIGNATUREPE_INVALID_E_LFANEWPE_INVALID_NT_SIGNATUREPE_INVALID_SIZEOFHEADERSPE_INVALID_ARGUMENTSPE_INVALID_VIRTUALSIZEPE_INVALID_VIRTUALADDRESSPE_INVALID_RAWOFFSETPE_INVALID_RAWSIZEPE_INVALID_RVAPE_INVALID_EXPORTSPE_INVALID_DATAPE_ERROR_RESERVEDMpMaxPeExportsInCoreReportsMpMapsHeartbeatDistributionIntervalMpRemediationCheckpointLiveDelayMpMaxSpynetReportsMpMapsHeartbeatDelayOnDetectionMpEnableFriendlyCloudCheckMpDisableMDMPolicyChecksMpHeartbeatControlGroupMpDisableMpsigstubErrorMapsHeartbeatMpDisableExclusionsMapsHeartbeatMpDisableMapsDisableMapsHeartbeatMpDisablePaidEnhancedMapsHeartbeatMpDisableEnhancedMapsHeartbeatMpUrlReputationTimeoutMpMaxRtsdBatchSizeMpEnhancedMapsHeartbeatRateMpDisableRtpChangeMapsHeartbeatMpDisableUninstallMapsHeartbeatMpMapsHeartbeatDelayMpEnableUefiEnumerationInHeartBeatMpDisableUrlReputationMapsMpDisableErrorMapsHeartbeatMpMaxNetworkConnectionReportsInSpynetMpMapsHeartbeatDetectionIntervalMpDisableCachingSampleSubmittedShasMpDisableRemediationCheckpointsMpRemediationCheckpointTimeoutMpSampleSubmissionSizeLimitMpPaidEnhancedMapsHeartbeatDelayMpDisableSetupErrorMapsHeartbeatMpDisableOplocksInSpynetMpMapsHeartbeatRateMpEnhancedMapsHeartbeatDelayMpMaxRtsdCountMpDisablePersistScanHandleOnThreatNotFoundMpDisableAdvSSAndFallbackToWatsonMpDisableSenseHeartbeatEtwMpDisableNetworkInfoInHeartbeatMpDisableRemediationFailTelemetryMpFirmwareEnvironmentVariableQueriesMpDisableDefenderDisableMapsHeartbeatMpDisableTestErrorMapsHeartbeatMpDisableOfflineEnhancedMapsHeartbeatMpOfflineEnhancedMapsHeartbeatRateMpDisableDnsCacheSubmissionWithNRICacheMpOfflineEnhancedMapsHeartbeatDelayMpDisableUrlReputationMapsCachet
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributeCounts ORDER BY InsertTime ASC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory WHERE RuleId = ? GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM ValueMapArray WHERE ValueMapArray.Key = ? AND ValueMapArray.RecordType = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(21, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM BmFileInfo;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AtomicCounters;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ThreatRecordId, Action FROM BmFileActions WHERE FileInfoId == ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(17, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmHipsRuleInfo(ProcessInfoId, RuleAction, RuleId, IsAudit, IsInherited, State) VALUES (?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE AttributePersistContext SET FilePath = ?, Context = ?, InsertTime = ?, ExpireTime = ? WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO ProcessInfo(FileName, ProcessId, CommandLine, StartTime, TokenElevation, TokenElevationType, IntegrityLevel) VALUES(? , ? , ? , ? , ? , ? , ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, RecordTimeStamp, Generation FROM RecordIdentifier WHERE ID = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(32, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributePersistContext WHERE AttributePersistContext.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(19, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM NetworkIpFirewallRules WHERE NetworkIpFirewallRules.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BackupProcessInfo(Key, FilePath, FirstStartTime, NextUSN, AutomaticRemovalPolicy, ImpactedCBPNameSpaces, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(22, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM RansomwareDetections WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM SdnEx WHERE SdnEx.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(32, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(29, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM SystemRegistryCache WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AttributeCounts;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM AmsiFileCache;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AnomalyTables WHERE AnomalyTables.TableKey = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SystemRegistryCache(Key, FileIDHash, RegPath, RegOperation, NewRegType, OldRegType, OldRegData, NewRegData, InstanceTimeStamp) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO File(SHA1, MD5, lshashs, lshash, PartialCRC1, PartialCRC2, PartialCRC3, KCRC1, KCRC2, KCRC3, KCRC3n, Size, SHA256) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?, ?, ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(30, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(23, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM RollingQueuesValues;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SdnEx(Key, CurrentCount) VALUES (?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(15, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(10, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmProcessInfo(PPIDHash, ProcessStartTime, PID, StructVersion, ImageFileName, MonitoringFlags_Flags, MonitoringFlags_VmHardenType, MonitoringFlags_ExemptVmHardenedTypes, CommandLineArgs, HipsInjectionId, FolderGuardId, Flags, LsassReadMemId, MonitoringFlags_Flags2Low, MonitoringFlags_Flags2High)VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM BackupProcessInfo;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FilePath, Context, InsertTime, ExpireTime FROM AttributePersistContext WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM ValueMapArray WHERE RecordType = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT FileInstance.ID FROM FileInstance, RecordIdentifier WHERE FileInstance.RecordID = RecordIdentifier.ID AND RecordIdentifier.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT RecordIdentifier.Key, FileInstance.RecordID, RecordIdentifier.RecordTimeStamp, FileInstance.TrackingEnabled, FileInstance.StorageEvent, FileInstance.StorageEventState, FileInstance.ModificationsCount, FileInstance.ParentRecordID, FileInstance.Parent_FileEvent, FileInstance.Parent_FileName, RecordIdentifier.Generation, FileInstance.FileName, FileInstance.USN, FileInstance.CreateTime, FileInstance.LastAccessTime, FileInstance.LastWriteTime, FileInstance.Signer, FileInstance.SignerHash, FileInstance.Issuer, FileInstance.SigningTime, FileInstance.MOTW, FileInstance.MOTWFromParent, FileInstance.IsValidCert, FileInstance.CertInvalidDetails, FileInstance.IsCatalogSigned, File.SHA1, File.MD5, File.lshashs, File.lshash, File.PartialCRC1, File.PartialCRC2, File.PartialCRC3, File.KCRC1, File.KCRC2, File.KCRC3, File.KCRC3n, File.Size, File.SHA256, ParentProcessInfo.CommandLine, ParentProcessInfo.FileName, ParentProcessInfo.IntegrityLevel, ParentProcessInfo.ProcessId, ParentProcessInfo.StartTime, ParentProcessInfo.TokenElevation, ParentProcessInfo.TokenElevationType, RemoteProcessInfo.CommandLine, RemoteProcessInfo.FileName, RemoteProcessInfo.IntegrityLevel, RemoteProcessInfo.TokenElevation, RemoteProcessInfo.TokenElevationType, ScanInfo.NamedAttributes, ScanInfo.PeAttributes, ScanInfo.PersistSigSeq, ScanInfo.ProgenitorPersistSigSeq, ScanInfo.ScanAgent, ScanInfo.ScanReason, ScanInfo.SigAttrEvents, ScanInfo.SigSeq, ScanInfo.SigSha, ScanInfo.WebURL,Engine.EngineVersion, Engine.SigVersion FROM RecordIdentifier INNER JOIN (FileInstance INNER JOIN File ON FileInstance.FileID = File.ID LEFT OUTER JOIN ProcessInfo as 'ParentProcessInfo' ON FileInstance.Parent_ProcessID = ParentProcessInfo.ID LEFT OUTER JOIN ProcessInfo as 'RemoteProcessInfo' ON FileInstance.Remote_ProcessID = RemoteProcessInfo.ID LEFT OUTER JOIN (ScanInfo INNER JOIN Engine ON ScanInfo.EngineID = Engine.ID) ON FileInstance.ScanID = ScanInfo.ID ) ON RecordIdentifier.ID = FileInstance.RecordID WHERE RecordIdentifier.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(9, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM DynSigRevisions;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM ProcessBlockHistory;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO ValueMapArray(Key, RecordType, ValueMapArrayBlob, InstanceTimeStamp) VALUES(?, ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, Name, Count, InsertTime, ExpireTime FROM AttributeCounts WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp FROM FileLowFiAsync WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BmFileStartupActions WHERE BmFileStartupActions.FilePathHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM FileHashes;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM FileLowFiAsync WHERE FileLowFiAsync.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RecordIdentifier(Key, RecordTimeStamp, Generation) VALUES(?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FolderGuardPaths(UserIdHash, UserId, GUID, Path) VALUES ( ?, ?, ?, ? );SELECT Count(DISTINCT UserIdHash) FROM FolderGuardPaths;DELETE FROM FolderGuardPaths WHERE UserIdHash = ?;SELECT ID FROM FolderGuardPaths WHERE UserIdHash = ? LIMIT 1;SELECT UserId, GUID, Path FROM FolderGuardPaths WHERE UserIdHash = ?N
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(27, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces FROM RansomwareDetections WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO NetworkIpFirewallRules(Key, FirewallRuleName, ExpiryTime) VALUES (?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FileHashes(Key, VSN, FileID, USN, InstanceTimeStamp, SHA1, MD5, SHA256, LSHASH, LSHASHS, CTPH, PartialCRC1, PartialCRC2, PartialCRC3, KCRC1, KCRC2, KCRC3, KCRC3n) VALUES(?, ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT FilePath, FirstStartTime, NextUSN, AutomaticRemovalPolicy, ImpactedCBPNameSpaces FROM BackupProcessInfo WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(7, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM RollingQueuesTables WHERE RollingQueuesTables.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO DynSigRevisions(Key, SdnRevision, EsuRevision, BFRevision, EntCertRevision, TamperRevision, AGBlobRevision, BFFileAllowRevision, BFFileBlockRevision, BFCertAllowRevision, BFCertBlockRevision) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM DynSigRevisions WHERE DynSigRevisions.Key = ?;SELECT Count(1) FROM DynSigRevisions;SELECT ID FROM DynSigRevisions WHERE DynSigRevisions.Key = ?;SELECT Key, SdnRevision, EsuRevision, BFRevision, EntCertRevision, TamperRevision, AGBlobRevision, BFFileAllowRevision, BFFileBlockRevision, BFCertAllowRevision, BFCertBlockRevision FROM DynSigRevisions WHERE Key = ?
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(2, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE AttributeCounts SET Name = ?, Count = ?, InsertTime = ?, ExpireTime = ? WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT (SELECT COUNT() FROM File) + (SELECT COUNT() FROM FileInstance);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RollingQueuesTables(Key, Name, Capacity, TimeToLive, Mode) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FolderGuardPaths(UserIdHash, UserId, GUID, Path) VALUES ( ?, ?, ?, ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BackupProcessInfo WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(25, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM BmFileStartupActions;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributePersistContext ORDER BY InsertTime ASC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO Engine(EngineVersion, SigVersion) VALUES(? , ? );

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

File read: C:\Users\user\Desktop\BrowserUpdateTool.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\BrowserUpdateTool.exe "C:\Users\user\Desktop\BrowserUpdateTool.exe"
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=BrowserUpdateTool.exe --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=msSmartScreenProtection --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=7536.7584.8340987022922056471
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kbdus.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: omadmapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dmcmnutils.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iri.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dsreg.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mscms.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coloradapterclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwritecore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.web.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: aadwamextension.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: tenantrestrictionsplugin.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netprofm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: npmproxy.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wevtapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: bitsproxy.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncryptprov.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d12.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d12.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d12core.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxilconv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3dscache.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32

Jump to behavior

Source: BrowserUpdateTool.exe

Static PE information: certificate valid

Source: BrowserUpdateTool.exe

Static PE information: Virtual size of .text is bigger than: 0x100000

Source: BrowserUpdateTool.exe

Static PE information: Image base 0x140000000 > 0x60000000

Source: BrowserUpdateTool.exe

Static file information: File size 99319784 > 1048576

Source: BrowserUpdateTool.exe	Static PE information: Raw size of .text is bigger than: 0x100000 < 0x1bf7200
Source: BrowserUpdateTool.exe	Static PE information: Raw size of .data is bigger than: 0x100000 < 0x8fb000
Source: BrowserUpdateTool.exe	Static PE information: Raw size of .rdata is bigger than: 0x100000 < 0x16bfe00
Source: BrowserUpdateTool.exe	Static PE information: Raw size of .rsrc is bigger than: 0x100000 < 0x220a400

Source: BrowserUpdateTool.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: MpGear.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdbSHA256C source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdbH source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: Microsoft.CodeAnalysis.CSharp.ni.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MpGear.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: output file name with .pdb extension) source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdbOGPS source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp

PE file contains sections with non-standard names

Source: BrowserUpdateTool.exe

Static PE information: section name: .xdata

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\Parameters	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\Parameters	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior

Queries keyboard layouts

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\wasm FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\blob_storage\e1022566-0e68-48d0-9ea8-87cc2c7265f6 FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user FullSizeInformation	Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\3ac53f57-dfab-444d-a69f-4fabb3044db1.tmp	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\	Jump to behavior

Source: msedgewebview2.exe, 00000002.00000002.2927846101.00004C64022F0000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: detects_vmware
Source: msedgewebview2.exe, 00000002.00000002.2927502914.00004C6402274000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=2c09c714-845b-4167-9d1d-580102fe89ddLd
Source: msedgewebview2.exe, 00000002.00000002.2932847700.00004C6402C0C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware Virtual USB Mouse
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: azurevirtualmachinename_scrubbed
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: DD:%s:%s:%swailsWindowPRINTSCREENISO-2022-JPgooglecloud%s at %d:%dPREFETCHWT1VFMADDSUBPDVFMADDSUBPSVFMSUBADDPDVFMSUBADDPSprefetchntaprefetchwt1sha256rnds2vaesdeclastvaesenclastvcompresspdvcompresspsvcvttpd2udqvcvttpd2uqqvcvttps2udqvcvttps2uqqvcvttsd2usivcvttss2usivfixupimmpdvfixupimmpsvfixupimmsdvfixupimmssvfmadd132pdvfmadd132psvfmadd132sdvfmadd132ssvfmadd213pdvfmadd213psvfmadd213sdvfmadd213ssvfmadd231pdvfmadd231psvfmadd231sdvfmadd231ssvfmaddsubpdvfmaddsubpsvfmsub132pdvfmsub132psvfmsub132sdvfmsub132ssvfmsub213pdvfmsub213psvfmsub213sdvfmsub213ssvfmsub231pdvfmsub231psvfmsub231sdvfmsub231ssvfmsubaddpdvfmsubaddpsvinsertf128vinserti128vmaskmovdquvpcompressdvpcompressqvpconflictdvpconflictqvphminposuwvpmadd52huqvpmadd52luqvpscatterddvpscatterdqvpscatterqdvpscatterqqvpunpckhqdqvpunpcklqdqvrndscalepdvrndscalepsvrndscalesdvrndscalessvscatterdpdvscatterdpsvscatterqpdvscatterqpsSwapBuffersgdiplus.dllshlwapi.dllLoadCursorWFindWindowWDefDlgProcWWaitMessageInflateRectIsRectEmptyDestroyMenuDestroyIconOutOfMemoryuxtheme.dllDrawMenuBarGetKeyStateShell32.dllBrowserBackBrowserStopBrowserHomeExclusiveOrchain empty%q not found<?sentinel?>DoesNotExistTargetRemoveContent-Typecontent-typeDeleteObjectListAccountsimage/x-iconimage/x-icnsaudio/x-mpegaudio/x-midiaudio/x-aiffaudio/amr-nbaudio/x-mp4akernel32.dllCoInitializeoleaut32.dllVariantClearSysStringLenRoInitializeunknown typeserverPubKeywriteTimeoutError %d: %sUNSIGNED INTSERIALIZABLEmacroman_binarmscii8_binEventSessioninvalid port<(%s,%s),%s>_timestamptz(database)s$%v not foundempty numberReadObjectCBdecode arraydecode sliceAMDisbetter!AuthenticAMDCentaurHaulsGenuineIntelTransmetaCPUGenuineTMx86Geode by NSCVIA VIA VIA KVMKVMKVMKVMMicrosoft HvVMwareVMwareXenVMMXenVMMbhyve bhyve HygonGenuineVortex86 SoCSiS SiS SiS RiseRiseRiseGenuine RDCAccessDeniedca-central-1eu-central-1eu-central-2me-central-1il-central-1[+
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: VMwareVMware
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: azurevirtualmachinename
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: Unknown member: peattributes.%hspe.set_peattribute(name, state) expects boolean "state"ARM_big_endianARM_legacyARM_unpredictable_16bitmachine_32bitmachineaggressive_trim_wsaggressiveimportamd64_imagearm_imageaslr_bit_setbound_imports_inside_imagebyte_reversed_hibyte_reversed_lowcalls_unimplemented_apichecks_if_debugged_documentedchecks_if_debugged_undocumentedchecks_ntglobalflagchecks_processheapchecks_teb_lasterrorchecks_teb_laststatuscode_on_stackdebug_strippeddeep_analysisdeep_apicall_limitdelay_load_imports_inside_imagedetects_virtualpcdetects_vmdetects_vmwaredirty_wx_branchdisable_apicall_limitdisable_drop_mz_onlydisable_dropper_rescandisable_io_redirectiondisable_microcodedisable_seh_limitdisable_static_unpackingdisable_thread_apicall_limitdisable_vmprotectdmg_decompressdmg_entrypointdmg_filealignmentdmg_imagebasedmg_imagesizedmg_importsdmg_invaliddatadmg_machinedmg_not_executable_imagedmg_notcontiguousdmg_optional_magicdmg_overlapping_sectionsdmg_pointertorawdatadmg_relocationsdmg_resource_levelsdmg_resource_namesdmg_resource_offsetdmg_resource_unordereddmg_sectionalignmentdmg_sizeofheadersdmg_sizeofrawdatadmg_special_sectiondmg_truncateddmg_unsupporteddmg_virtualaddressdmg_virtualsizedroppeddt_continue_after_unpackingdt_continue_after_unpacking_damageddt_error_bb_limitdt_error_failed_to_translatedt_error_heur_API_limitdt_error_heur_exit_criteriadt_error_invalid_opcodedt_error_loop_too_complexdt_error_not_enough_memorydt_error_too_many_operandsdt_error_too_many_prefixesdt_error_vmm_page_faultdynmem_APIcalldynmem_checks_if_debugged_docdynmem_checks_if_debugged_undocdynmem_checks_ntglobalflagdynmem_checks_processheapdynmem_detects_virtualpcdynmem_detects_vmdynmem_detects_vmwaredynmem_kernel_scandynmem_reads_vdll_codedynmem_self_modifying_codedynmem_uses_access_violationdynmem_uses_bound_exceptionsdynmem_uses_breakpointsdynmem_uses_div_by_zerodynmem_uses_int_overflowdynmem_uses_invalid_opcodesdynmem_uses_privinstrdynmem_uses_single_steppingdynmem_uses_udbgrddynmem_uses_udbgwrdynmem_uses_unusual_breakpointenable_binlibenable_lshashenable_vmm_growentrybyte55entrybyte60entrybyte90entrypoint_in_headerentrypoint_in_import_tableepatscnstartepatstartentrysectepatstartlastsectepcallnextepinfirstsectepiniatepoutofimageepscn_eqsizesepscn_falignepscn_islastepscn_valignepscn_vfalignepscn_writableepsec_not_executableexecutable_imageexecutble_imageexecutes_from_dynamic_memoryexecutes_from_last_sectionexecutes_from_resourcesextended_pestaticfirstsectwritableforce_dtforce_expensive_processingforce_unpackinggenpackedhandle_large_vahas_checksumhas_delay_load_importshas_many_resourceshas_msilresourceshasappendeddatahasboundimportshasexportshasstandardentryheaderchecksum0hstr_exhaustiveia64_imageimport_via_tlsinv_argumentsinv_datainv_decompress_errorinv_dos_signatureinv_e_lfanewinv_exportsinv_fileinv_filealignmentinv_filesizeinv_imagebaseinv_nomemoryinv_notimplementedinv_nt_signatureinv_optional_magicinv_overlappinginv_rawoffsetinv_rawsizeinv_readinv_rvainv_sect
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: dynmem_detects_vmware
Source: msedgewebview2.exe, 00000002.00000002.2927502914.00004C6402274000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=2c09c714-845b-4167-9d1d-580102fe89dd
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: pea_dynmem_detects_vmware
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: 7zXZ\SystemRoot\Device\0123456789ABCDEF0123456789abcdefpea_epscn_islastpea_epcallnextpea_secmissizepea_epatstartlastsectpea_entrybyte60pea_entrybyte90pea_epiniatpea_usesuninitializedregspea_prefetchtrickspea_issuspiciouspea_isgenericpea_isreportedpea_aggressiveimportpea_enable_binlibpea_enable_lshashpea_many_importspea_self_modifying_codepea_track_direct_importspea_detects_vmpea_detects_vmwarepea_detects_virtualpcpea_is_delphipea_uses_single_steppingpea_uses_bound_exceptionspea_uses_div_by_zeropea_uses_int_overflowpea_uses_invalid_opcodespea_uses_unusual_breakpointpea_checks_if_debugged_documentedpea_disable_io_redirectionpea_suspicious_rebasepea_disable_drop_mz_onlypea_suspicious_stack_geometrypea_suspicious_subsystempea_suspicious_timestamppea_suspicious_valignpea_suspicious_section_fsizepea_suspicious_section_characteristicspea_aggressive_trim_wspea_16bitmachinepea_system_filepea_suspicious_number_of_dirspea_force_unpackingpea_extended_pestaticpea_small_data_directory_countpea_multiple_relocs_same_locationpea_relocs_but_no_relocs_flagpea_suspicious_imagebasepea_no_section_tablepea_no_sectionspea_many_sectionspea_suspicious_image_sizepea_bound_imports_inside_imagepea_delay_load_imports_inside_imagepea_entrypoint_in_import_tablepea_entrypoint_in_headerpea_import_via_tlspea_epsec_not_executablepea_othermachine_imagepea_checks_teb_lasterrorpea_disable_vmprotectpea_checks_teb_laststatuspea_disable_thread_apicall_limitpea_deep_apicall_limitpea_dynmem_uses_div_by_zeropea_dynmem_uses_int_overflowpea_dynmem_uses_bound_exceptionspea_dynmem_uses_privinstrpea_dynmem_uses_breakpointspea_dynmem_uses_single_steppingpea_dynmem_uses_invalid_opcodespea_dynmem_uses_unusual_breakpointpea_dynmem_detects_vmpea_dynmem_detects_vmwarepea_dynmem_detects_virtualpcpea_dynmem_checks_if_debugged_docpea_dynmem_checks_if_debugged_undocpea_dynmem_kernel_scanpea_dynmem_self_modifying_codepea_dt_continue_after_unpackingpea_dt_continue_after_unpacking_damagedpea_loop_jmp_chainpea_droppedpea_reads_vdll_codepea_dynmem_reads_vdll_codepea_verbose_vdll_readspea_scan_internal_datapea_isvbpcodepea_ARM_legacypea_ARM_big_endianpea_ARM_unpredictablepea_isappcontainerpea_checks_ntglobalflagpea_dynmem_checks_ntglobalflagpea_dynmem_checks_processheappea_dt_error_heur_exit_criteriapea_dt_error_too_many_prefixespea_dt_error_invalid_opcodepea_dt_error_too_many_operandspea_dt_error_bb_limitpea_dt_error_loop_too_complexpea_executes_from_last_sectionpea_executes_from_resourcespea_memory_patchedpea_uses_sysenterpea_suspicious_resource_directory_sizepea_suspicious_import_directory_sizepea_invalid_ilt_entrypea_dmg_machinepea_dmg_filealignmentpea_dmg_pointertorawdatapea_dmg_virtualaddresspea_dmg_truncatedpea_dmg_special_sectionpea_dmg_relocationspea_dmg_overlapping_sectionspea_dmg_optional_magicpea_dmg_sizeofheaderspea_dmg_imagebasepea_dmg_imagesizepea_dmg_unsupportedpea_dmg_importspea_dmg_invaliddatapea_dmg_decompresspea_dmg_virtualsizepea_dmg_not_executable_imagepea_dmg_entrypointpea_inv_sizeofoptio
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: Software\Microsoft\Windows DefenderSOFTWARE\Policies\Microsoft\SQMClient\WindowsPhoneSoftware\Policies\Microsoft\SQMClient%windir%\temp%ProgramFiles(x86)%NtGetCachedSigningLevelSOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlockhr=0x%08XThreatTrackingSigSeqEmuldet.Ainvalid hash bucket count&
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: pea_detects_vmware
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC834000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2913395921.0000019D05040000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2900139702.000001D7A202B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Process information queried: ProcessInformation

Jump to behavior

Creates a process in suspended mode (likely to inject code)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=browserupdatetool.exe --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=mssmartscreenprotection --enable-features=mojoipcz --mojo-named-platform-channel-pipe=7536.7584.8340987022922056471
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2	Jump to behavior

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Queries volume information: C:\Users\user\Desktop\BrowserUpdateTool.exe VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
162.159.61.3	unknown	United States	13335	CLOUDFLARENETUS	false
185.199.111.133	raw.githubusercontent.com	Netherlands	54113	FASTLYUS	false
172.64.41.3	chrome.cloudflare-dns.com	United States	13335	CLOUDFLARENETUS	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false

Private

IP
127.0.0.1

Contacted Domains

Name	IP	Active
chrome.cloudflare-dns.com	172.64.41.3	true
code.jquery.com	151.101.130.137	true
raw.githubusercontent.com	185.199.111.133	true
198.187.3.20.in-addr.arpa	unknown	unknown

Bitcoin Miner

Found strings related to Crypto-Mining

Source: msedgewebview2.exe, 00000002.00000002.2934535244.00004C640304C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: jsecoin.com/
Source: msedgewebview2.exe, 00000002.00000002.2934535244.00004C640304C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: coinhive.com/

Source: BrowserUpdateTool.exe

Static PE information: certificate valid

Source: BrowserUpdateTool.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: MpGear.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdbSHA256C source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdbH source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: Microsoft.CodeAnalysis.CSharp.ni.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MpGear.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: output file name with .pdb extension) source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdbOGPS source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\3ac53f57-dfab-444d-a69f-4fabb3044db1.tmp	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\	Jump to behavior

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox View	IP Address: 185.199.111.133 185.199.111.133
Source: Joe Sandbox View	IP Address: 172.64.41.3 172.64.41.3
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137

Uses a known web browser user agent for HTTP communication

Source: global traffic	HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveAccept: /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /n3r4zzurr0/svg-spinners/main/preview/90-ring-with-bg-black-36.svg HTTP/1.1Host: raw.githubusercontent.comConnection: keep-aliveAccept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveAccept: /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /n3r4zzurr0/svg-spinners/main/preview/90-ring-with-bg-black-36.svg HTTP/1.1Host: raw.githubusercontent.comConnection: keep-aliveAccept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47 wails.iosec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://wails.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8

Source: msedgewebview2.exe, 00000002.00000002.2937017514.00004C64036F0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: ?www.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.2937165871.00004C6403724000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: dLwww.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000008.00000003.1682298933.00004C18008A4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344807362.00004C18008A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1676983955.00004C18008A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://microsoftstart.msn.cn/https://rewards.microsoft.com/https://www.microsoftnews.com/https://www.facebook.com/www.staging-bing-int.comaction.getBadgeTextColorbrowserAction.openPopupmanifest:browser_action@ equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.2930853182.00004C64026B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1682298933.00004C18008A4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344807362.00004C18008A8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.facebook.com/* equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000002.00000002.2927782050.00004C64022D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2937165871.00004C6403724000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2937017514.00004C64036F0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: raw.githubusercontent.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: 198.187.3.20.in-addr.arpa

Source: unknown

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://.ocx.cabhtml:file::LowTelemetry
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1423136
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2162
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2517
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2970
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2970r
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3078
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3078P
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3205
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3205c
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3206
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3452
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3452Q
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3498
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3498n
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3502
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3502W
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3577
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3584
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3586
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3586i
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934760720.00004C64030D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919224282.00000A74000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3623
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934760720.00004C64030D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919224282.00000A74000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3624
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934760720.00004C64030D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919224282.00000A74000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3625
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3832
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3862
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3965
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3970
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4324
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4324y
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4384
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4405
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4428
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4428B
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4551
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4633
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4633=
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722X
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4836
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4901
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4901T
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4937
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4937Z
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5055
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5061
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5061(
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5281
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5371
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5375
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5375S
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5421
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5430
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5535
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5881
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5881&
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5901
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/59013
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5906
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5906#
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5906.
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/59061
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6048
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6141
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6248
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6439
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6651
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6692
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6755
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6755g
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6860
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/68605
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6876
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6876R
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6878
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6929
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6929H
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6953
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930294080.00004C64025DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7036
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7047
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7047:
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7172
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7279
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7370
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7370o
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7406
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7406;
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7488
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7553
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7556
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7724
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671847131.00000A7400150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7760
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7761
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8162
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8162K
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8215
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8215O
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8229
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8229Y
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/8280
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crl01
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.certigna.fr/certignarootca.crlhttp://crl.dhimyotis.com/certignarootca.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001EA000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl091
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crlEntrust.net
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/SGCA.crl=
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/STCA.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A4A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001EA000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crlGo
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://earth.google.com/kml/2.0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://earth.google.com/kml/2.1
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://earth.google.com/kml/2.2
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://issuetracker.google.com/200067929
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.accv.es
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.accv.es0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.accv.esTWCA
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://onsi.github.io/ginkgo/#%s
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://playinfo.gomlab.com/ending_browser.gom?product=GOMPLAYER
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C00083A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://repository.swisssign.com/0
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
Source: BrowserUpdateTool.exe, 00000000.00000002.2929630610.0000619000244000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2930944054.00006190006F8000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929459975.0000619000220000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929518614.0000619000230000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1698629405.00004C640076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934018054.00004C6402E90000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934176396.00004C6402EF8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912053743.0000785800070000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2916085503.000078580023C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911794989.0000785800054000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.2900246129.0000408400024000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp, data_1.6.dr	String found in binary or memory: http://wails.localhost
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933875020.00004C6402E5C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2932491826.00004C6402B84000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933062655.00004C6402C80000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934796071.00004C64030EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679353468.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1698751840.00004C6402450000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929780617.00004C640249F000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933288615.00004C6402D0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.2258233470.00004C64032ED000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930294080.00004C64025DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679285905.00004C640321C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928716071.00004C64023D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679329198.00004C64030E0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934057311.00004C6402EA4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930853182.00004C64026B4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/
Source: msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934796071.00004C64030EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679329198.00004C64030E0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost//newsbar
Source: msedgewebview2.exe, 00000002.00000002.2934796071.00004C64030EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679329198.00004C64030E0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/83a6a7c59200
Source: msedgewebview2.exe, 00000002.00000002.2931825028.00004C6402AA0000.00000004.00000800.00020000.00000000.sdmp, History.2.dr	String found in binary or memory: http://wails.localhost/Browser
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/Char
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/CharB
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/CharX
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/Internal
Source: msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929629224.00004C6402460000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/Ld
Source: msedgewebview2.exe, 00000002.00000002.2933875020.00004C6402E5C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/P
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/TranslateMessageDispatchMessageWUser-Agent
Source: msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929629224.00004C6402460000.00000004.00000800.00020000.00000000.sdmp, ce7a59cbee8b4379_0.2.dr	String found in binary or memory: http://wails.localhost/assets/index.25ad37ba.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8BD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/brave.svga
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/brave.svghttp://wails.localhost/brave.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome-beta.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome-beta.svghttp://wails.localhost/chromium.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chrome.svgs
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1696087200.000078580038C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chromium.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/chromium.svgbackend.App.GetBrowsers-2302447986
Source: BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8BD000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/edge.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/edge.svghttp://wails.localhost/edge.svg
Source: msedgewebview2.exe, 00000002.00000002.2933875020.00004C6402E5C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/erPolicy
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8BD000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2932491826.00004C6402B84000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933654153.00004C6402DD0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934176396.00004C6402EF8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2931941203.00004C6402ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2098078642.00004C1801500000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.ico
Source: msedgewebview2.exe, 00000002.00000002.2933654153.00004C6402DD0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2931941203.00004C6402ABC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.ico2
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.icoInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2930356511.00006190002D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://wails.localhost/favicon.icofmethodcGETgheaders
Source: BrowserUpdateTool.exe, 00000000.00000003.1692541612.0000019BCC8BE000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/firefox.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/firefox.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000570000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/http://wails.localhost/
Source: msedgewebview2.exe, 00000002.00000002.2933288615.00004C6402D0C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/ipe
Source: BrowserUpdateTool.exe, 00000000.00000002.2930356511.00006190002D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928028384.00004C6402328000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/jUser-Agentx
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC834000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/n
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera-gx.svg
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera-gx.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera-gx.svghttp://wails.localhost/chrome-beta.svgInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E88000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/opera.svghttp://wails.localhost/opera.svg
Source: msedgewebview2.exe, 00000002.00000002.2932491826.00004C6402B84000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/oratorOnPMSequenceify
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/pW%
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://wails.localhost/runtime.WindowReload();msSmartScreenProtectiononly
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/w
Source: msedgewebview2.exe, 00000002.00000003.1679353468.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/wails/ipc.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933288615.00004C6402D0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1679285905.00004C640321C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2930853182.00004C64026B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2932372135.00004C6402B4C000.00000004.00000800.00020000.00000000.sdmp, 1afe9cacc9803fd2_0.2.dr	String found in binary or memory: http://wails.localhost/wails/runtime.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/wails/runtime.jsInternal
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/wails/runtime.jshttp://wails.localhost/assets/index.25ad37ba.jsInternal
Source: msedgewebview2.exe, 00000002.00000002.2934866795.00004C6403104000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost/windows/newsbar
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhost:80
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wails.localhostpW%
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.4399.com/flash/32979.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.4399.com/flash/48399.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.4399.com/flash/seer.htm
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0B1
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es/legislacion_c.htm0U
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.accv.es00
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000B18000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.cert.fnmt.es/dpcs/0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000436000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.collada.org/2005/11/COLLADASchema
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0000A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.firmaprofesional.com/cps0
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.garmin.com/xmlschemas/TrainingCenterDatabase/v2
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=webreferrerEvalError
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd%v:
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.opengis.net/gml
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.opengis.net/gml/3.2
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: http://www.opengis.net/gml/3.3/exr
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.opengis.net/kml/2.2
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C00083A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.quovadis.bm0
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0000A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.quovadisglobal.com/cps0
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000509000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.topografix.com/GPX/1/1
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://If-MatchInfinityCancelIotext/xmltext/csv.geojsontext/rtftext/vtttext/rssfont/ttffont/otf.tor
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4830
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4966
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/5845
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/6574
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7161
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7162
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7246
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7308
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7308E
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7319
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7319h
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7320
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7369
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/73697
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7369F
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7369J
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7382
Source: msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/73826
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7489
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7604
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7714
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675099474.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935261131.00004C6403178000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7847
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920923446.00000A740020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/7899
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://api.cloudflare.com/client/v4
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://azureedge.net/
Source: msedgewebview2.exe, 00000002.00000002.2930420867.00004C640260C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://baduk.hangame.com/?utm_source=baduk&utm_medium=icon&utm_campaign=shortcut
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.edog.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.int.designerapp.osi.office.net/
Source: BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DB8000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675867905.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675759587.0000619000644000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1677666100.0000019BCC890000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675914297.00006190006D0000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675288454.00006190006B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675450421.000061900067C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675124142.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675815983.000061900060C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000D88000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000942000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675192944.00006190003B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675221871.00006190003B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1677371751.00004C64032A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928716071.00004C64023D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1677415384.00004C640328C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929629224.00004C6402460000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1677476928.00004C6403238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://code.jquery.com/jquery-3.7.1.min.js
Source: BrowserUpdateTool.exe, 00000000.00000002.2918128285.000000C000E8C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://code.jquery.com/jquery-3.7.1.min.jshttp://wails.localhost/firefox.svgInternal
Source: msedgewebview2.exe, 00000002.00000002.2932741360.00004C6402BE0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1711111569.00004C6403308000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2913208128.00007858000E4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2270950364.000078580028A000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1708284697.0000785800388000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911794989.0000785800054000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912634435.00007858000CA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2270950364.0000785800288000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1727208342.00007858002AA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1706017081.0000785800388000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1709270172.00004C1800C4C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895998296.000001E782BFD000.00000004.10000000.00040000.00000000.sdmp, data_2.6.dr	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://daringfireball.net/projects/markdown/).
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-dogfood.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-int.azurewebsites.net/
Source: msedgewebview2.exe, 00000002.00000002.2929288055.00004C6402434000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp.azurewebsites.net/
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://doi.org/GetPartitions:
Source: msedgewebview2.exe, 00000002.00000002.2935912672.00004C64032D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2929965812.00004C64024C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://edge-conumer-static.azureedge.net/static/edropstatic/2023/09/13/2/static/js/main.2c5481de.js
Source: BrowserUpdateTool.exe, 00000000.00000003.1674672079.0000619000338000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675867905.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674541119.0000619000320000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675759587.0000619000644000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675036155.0000619000350000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001BC000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675914297.00006190006D0000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675288454.00006190006B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675450421.000061900067C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674307964.0000619000314000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675124142.0000619000398000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675815983.000061900060C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000D88000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000942000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675192944.00006190003B4000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A0E000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674882235.0000619000344000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2917172639.000000C000DF0000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1674647869.000061900032C000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000003.1675221871.00006190003B4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://esm.run/
Source: BrowserUpdateTool.exe, 00000000.00000002.2930944054.00006190006F8000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929459975.0000619000220000.00000004.00000800.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2929518614.0000619000230000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2918286922.0000019D0A527000.00000004.08000000.00040000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp	String found in binary or memory: https://fonts.googleapis.com/
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C5C000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC834000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2298208397.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685248498.00004C1800788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685095470.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Roboto:wght
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC8C4000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2https://fonts.gstatic.com/s/rob
Source: msedgewebview2.exe, 00000002.00000002.2928410425.00004C6402384000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC87D000.00000004.00000020.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2911931844.0000785800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000002.2895372254.000001E782BB7000.00000004.10000000.00040000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000036000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2https://fonts.gstatic.com/s/roboto/
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EFD3C000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://github.com/dotnet/roslyn
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://github.com/go-sql-driver/mysql/wiki/strict-modeChannel
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000071000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md#deprecated-cli-app-action-signature
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000071000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md#deprecated-cli-app-action-signatureC:
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md#deprecated-cli-app-action-signatureMozilla
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp, BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000071000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/master/CHANGELOG.md#deprecated-cli-app-action-signature
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000014000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/urfave/cli/blob/master/CHANGELOG.md#deprecated-cli-app-action-signaturewindow.wai
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://google.com/
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://gorm.io/docs/hooks.htmlAn
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://hao123-static.cdn.bcebos.com/manual-res/jump_index.html
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C000308000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcrede/v1/projects/-/s:generateAccessT-.09AZ__az-.09AZ__az-.09AZ__az-.09AZ__az-.09AZ__az-.
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C00045E000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcredentials./v1/projects/-/serviceAccounts/:generateAccessTokenThe
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A70000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcredentials.X-Appengine-Api-TicketX-Google-DappertraceinfoX-Appengine-User-IpX-Appengine-
Source: BrowserUpdateTool.exe, 00000000.00000002.2913919025.000000C000C00000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://iamcredentials.X-Appengine-Current-NamespaceX-Google-Rpc-Service-EndpointX-Google-Rpc-Servic
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/161903006
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/166809097
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/184850002
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/187425444
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/220069903
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/229267970
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/250706693
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/253522366
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/255411748
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/258207403
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/274859104
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2935400432.00004C64031C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920996519.00000A7400218000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2919858714.00000A7400104000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2920270718.00000A7400148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918251797.00000A740000C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/284462263
Source: msedgewebview2.exe, 00000002.00000003.1675129970.00004C6402FA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000003.1675160178.00004C64031A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2934725094.00004C64030C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1672031879.00000A7400188000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671875188.00000A7400160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671925091.00000A740017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671899045.00000A7400170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000002.2918348926.00000A7400024000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000005.00000003.1671944845.00000A74001C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: msedgewebview2.exe, 00000002.00000002.2927305335.00004C6402258000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2914587041.0000019D050F4000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2919197827.0000019D0B932000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://login.microsoftonline.com/google.protobuf.Struct.FieldsEntryccm:
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://login.microsoftonline.us/cockroach.errorspb.EncodedWrappercockroach.errorspb.StringsPayload&
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://msn.cn/
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://msn.com/
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://news.4399.com/aoyazhiguang/
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000A24000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ocsp.quovadisoffshore.com
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C00083A000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ocsp.quovadisoffshore.com0
Source: msedgewebview2.exe, 00000002.00000002.2929022814.00004C640240C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://office.net/
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://onsi.github.io/gomega/#adjusting-output
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://onsi.github.io/gomega/#eventually
Source: msedgewebview2.exe, 00000002.00000002.2932952723.00004C6402C3C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928626686.00004C64023C0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2916085503.000078580023C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/
Source: msedgewebview2.exe, 00000002.00000002.2932251345.00004C6402B1C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/Logout?source=ChromiumBrowser&continue=https://permanently-remov
Source: msedgewebview2.exe, 00000002.00000002.2927305335.00004C6402258000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB
Source: msedgewebview2.exe, 00000002.00000002.2930794775.00004C64026A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/v1:GetHints
Source: BrowserUpdateTool.exe, 00000000.00000002.2895096246.000000C0001A2000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2912533142.00007858000B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.1691619209.000078580038C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2298208397.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1697435546.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1709270172.00004C1800C4C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1698087246.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685248498.00004C1800788000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1685095470.00004C1800DD8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696826623.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.1696636671.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000008.00000003.2344856112.00004C18010BC000.00000004.00000800.00020000.00000000.sdmp, data_1.6.dr	String found in binary or memory: https://raw.githubusercontent.com/n3r4zzurr0/svg-spinners/main/preview/90-ring-with-bg-black-36.svg
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/100030_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/10305_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/10379.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/10379_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/107884_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/109832_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/110975_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/112689_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/115339_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/117227_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/117945_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/118852_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/122099_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/12669_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/127539_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/130389_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/130396.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/130396_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/132028.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/133630_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/134302_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/136516_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/137116_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/137953_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/1382_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/145991_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/151915_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/155283_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/155476_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/15548_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/160944_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/163478_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/171322_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/173634_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/177937_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/17801_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/18012.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/18012_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/180977_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/18169_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/187040_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/187228_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/188593.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/188739_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/189558_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/195673_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/195673_4.htmhttps://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/195990_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/198491_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/198637_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/198660_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/199408_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202061_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202574_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202604_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202692_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202724_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202785.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202819_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202828_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202901_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202907_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/202911_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203018_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203093_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203152.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203153_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203154.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203166_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203178_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203215_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203231_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203369_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203371_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203404_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203453_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203476_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203481_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203495_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203515_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203564_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203682_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/203768_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204044_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204056_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204206.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204255_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204290_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204422_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204429_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204562_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204650_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204685_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204886_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204926_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204952_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/204989_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205090_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205147.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205165.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205182.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205235_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205325_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205341_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205462_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205536_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205551_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/205845_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/206114_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/206724_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/206724_3.htmhttps://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/207195_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/207717_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/208107_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/209567_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/210650_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/212767_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/21552_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/216417_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/21674_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217370_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217603_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217622_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217629_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217706_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217815_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217844_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217855_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/217926_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218066_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218162_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218717_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218860_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/218939_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/220266_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/221162_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/221700_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/221839_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/222061_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/222151_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/222442_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/22287_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/223745.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/223745_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/225193_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/227465_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/230446_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/231814_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/27924.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/27924_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/32979_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/35538.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/35538_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/3881_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/3883_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/39379_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/40779_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/41193_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/42760_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/43689_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/43841_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/47931_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/48272_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/48504.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/48504_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/55146_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/59227_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/60369_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/6232_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/63805_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/65731_2.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/69112_4.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/69156_1.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/93398_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/93551_3.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/yzzrhj.htm
Source: msedgewebview2.exe, 00000002.00000002.2931499935.00004C64027C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/zmhj.htm
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.4399.com/flash/zmhj.htm#search3-6407
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.apple.com/appleca/0
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2928028384.00004C6402328000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.catcert.net/verarrel
Source: BrowserUpdateTool.exe, 00000000.00000002.2902814216.000000C000582000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.catcert.net/verarrel05
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC1F9000.00000008.00000001.01000000.00000003.sdmp, BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cloud-platform
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cloud-platform.read-only
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC1F9000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/datastoreB
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/devstorage.full_control
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/devstorage.read_only
Source: BrowserUpdateTool.exe, 00000000.00000000.1643024414.00007FF6EC2EC000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.googleapis.com/auth/devstorage.read_writeB
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.ludashi.com/cms/server/monitor.php?id=
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2927124013.00004C640221C000.00000004.00000800.00020000.00000000.sdmp, Top Sites.2.dr	String found in binary or memory: https://www.office.com/
Source: msedgewebview2.exe, 00000002.00000002.2936057775.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp, Top Sites.2.dr	String found in binary or memory: https://www.office.com/Office
Source: msedgewebview2.exe, 00000002.00000002.2936057775.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/Office8
Source: msedgewebview2.exe, 00000002.00000002.2936057775.00004C64032F8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/OfficeeEATE
Source: msedgewebview2.exe, 00000002.00000002.2933102797.00004C6402CA8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/wdL
Source: msedgewebview2.exe, 00000002.00000002.2931159496.00004C640273C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.so.com/s?ie=
Source: BrowserUpdateTool.exe, 00000000.00000002.2907968286.000000C000BE2000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://wwww.certigna.fr/autorites/0m

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443

Installs a raw input device (often for capturing keystrokes)

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: GetRawInputData

memstr_396dedc1-7

PE file contains executable resources (Code or Archives)

Source: BrowserUpdateTool.exe	Static PE information: Resource name: BINARY type: PE32+ executable (DLL) (console) x86-64, for MS Windows
Source: BrowserUpdateTool.exe	Static PE information: Resource name: BINARY type: PE32+ executable (DLL) (console) x86-64, for MS Windows
Source: BrowserUpdateTool.exe	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows

PE file contains more sections than normal

Source: BrowserUpdateTool.exe

Static PE information: Number of sections : 12 > 10

Sample file is different than original file name gathered from version info

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMsMpEngCP.exeZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMsMpEngSvc.dllZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenamempengine.dllZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMpGear.dllZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameMicrosoft.CodeAnalysis.CSharp.dll\ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameKSLD.sysZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilename vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: \Unknown member: doshdr.%spevars not availableUnknown member: pehdr.%sInvalid index in DataDirectory: %dInvalid index in opclog: %dInvalid index in fopclog2: %dInvalid index in epcode: %dInvalid index in fopclog: %dUnknown member: peattributes.%sInvalid section %d or bigger than NumberOfSection=%d!__mmap_ex() failedpe_fofs_to_mofs failed!__mmap_ex(%d) failedmmap_patch(): buffer is emptymmap_patch_buff() failedpe_mofs_to_fofs(%d) failedUfsSeekRead(%d) failedImageName is NULLStringCchCopyA failedFileDescriptionInternalNameCompanyNamepe.get_versioninfo() failed to create the StringVersionIterator: %sInvalid sigattr_head indexpe.vm_search: mask_size != buffer_sizeInvalid index in netmetadata.tokens: %dpe.get_fixedversioninfo() failed to create the StringVersionIterator: %sFileVersionFileTypeFileSubtypeFileDateOriginalFilenameProductVersionFileFlagsMaskFileFlagsFileOSpe.metadata_decode: decode failed for 0x%xInvalid index in v->imps: %dfnrvape.metadata_decode: Invalid field index %d (should be 1-based)9m vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: ClearOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: $OFNAllowIdenticalNamesClearOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: mZOriginalFileNameMaintenanceWindow vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: mZOriginalFileNameMaintenanceWindowprocessed%zd files in Moac, %zd skipped (cached), %zd filename setOriginalFileName Maintenance:HintENG:OFNPROCESSED:) vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: .?AVCMaintenanceOriginalFileNameTask@@ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameBTR.sysZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameoffreg.dllj% vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameKSLDriver.sysZ vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: GetOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SetOriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: ENG:OFNSET:SetOriginalFileNameProcess:process:// vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFileName vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFileNameCreatorProcessId<Process ProcessId="%u" ProcessCreationTime="%llu" CreatorProcessId="%u" CreatorProcessCreationTime="%llu" Name="%s" IsExcluded="%u" IsFriendly="%u"> vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SecondParameterBM_RegistryKeyDeleteBM_RegistryKeyRenameBM_RegistryDeleteValueBM_RegistrySetValueBM_OpenFileBM_DeleteFileBM_RegistryKeyCreateBM_FileMetaDataBM_ProcessCreateBM_RawWriteBM_NetworkDetectionBM_ProcessStartBM_NetworkDataSendBM_NetworkConnectBM_RemoteThreadCreateBM_BootSectorChangeBM_Etw_PsSetLoadImageNotifyRoutineBM_EngineInternalBM_Etw_SetEventHookBM_Etw_TerminateProcessBM_ModuleLoadBM_ArDetectionBM_RegistryBlockDeleteBM_RegistryBlockSetBM_Etw_OpenThreadBM_Etw_OpenProcessBM_Etw_RegisterShutdownBM_Etw_RegisterLastShutdownBM_Etw_NtAdjustPrivilegesBM_Etw_RegisterInputDevicesBM_Etw_WriteMemoryBM_Etw_SetThreadContextBM_RegistryBlockReplaceBM_RegistryBlockRestoreBM_DesktopBM_VolumeMountBM_RegistryRestoreBM_Etw_CreateLinkBM_RegistryBlockRenameBM_RegistryReplaceBM_Etw_SetWindowsHookBM_Etw_BlockExploitBM_CreateFolderBM_Etw_GetAsyncKeyStateBM_BlockOpenProcessBM_OpenProcessBM_Etw_CodeInjectionBM_RegistryBlockCreateBM_EnumFolderBM_Etw_WMIExecMethodBM_Etw_OCTAGON_PROCESS_TOKEN_TAMPERING_ENFORCEBM_RenameFolderBM_Etw_DirEnumBM_Etw_AllocVmLocalBM_Etw_WMIActivityNewBM_Etw_ClearLogBM_Etw_OCTAGON_DANGEROUS_DEVICE_PRESENT_AUDITBM_Etw_OCTAGON_DRIVER_DISPATCH_REDIRECTION_AUDITBM_HardLinkFileBM_Etw_OCTAGON_RUNTIME_CI_FAILURE_AUDITBM_Etw_OCTAGON_DANGEROUS_DEVICE_PRESENT_ENFORCEBM_Etw_OCTAGON_DRIVER_DISPATCH_REDIRECTION_ENFORCEBM_Etw_OCTAGON_PROCESS_TOKEN_TAMPERING_AUDITBM_Etw_OCTAGON_RUNTIME_CI_FAILURE_ENFORCEBM_Etw_CredEnumerateBM_Etw_CredReadCredentialsBM_Etw_CredFindBestCredentialBM_Etw_CredReadDomainCredentialsBM_DLPBM_CopyFileBM_Etw_OCTAGON_PROCESS_TAMPERING_AUDITBM_Etw_OCTAGON_PROCESS_TAMPERING_ENFORCEBM_TaintBM_Etw_VaultGetUniqueCredentialBM_Amsi_MatchBM_Amsi_ScanBM_Etw_CredBackupCredentialsBM_Etw_CredReadByTokenHandleBM_Etw_VaultEnumerateCredentialsBM_Etw_VaultFindCredentialsBM_Etw_LogonFailureBM_Etw_LogonSuccessBM_Etw_AccountPasswordChangedBM_Etw_UserAccountChangedBM_Etw_BITSCreateBM_Etw_LDAPSearchBM_Etw_ScheduledTaskUpdateBM_Etw_ScheduledTaskCreateBM_Etw_ExploitProtectionBM_Etw_UserAccountCreatedBM_Network_VolumeBM_Network_PortOpenBM_Etw_HiveHistoryClearBM_Etw_AccountPasswordResetBM_SignatureTriggerBM_OriginalFileNameBM_Etw_UnloadDriverBM_Etw_LoadDriverBM_Etw_UnloadDeviceBM_Etw_LoadDeviceBM_Etw_ResumeThreadBM_Etw_SuspendThreadBM_Etw_ResumeProcessBM_Etw_SuspendProcessBM_Etw_ServiceHostStartedBM_Etw_ServiceChangeAccountInfoBM_Network_FailureBM_Etw_ServiceStartedBM_Etw_ServiceStopBM_Etw_ProtectVmLocalBM_Etw_ServiceChangeBinaryPathBM_Etw_ServiceChangeStartTypeAL""L"%ls""%hS"BM_Etw_AllocVmRemoteBM_Etw_ProtectVmRemoteBM_Etw_V2CodeInjectionBM_Etw_ReadVmRemoteATTR_%08lxSigSeqThreatName{0, %ls, __attr_none__, %ls, %ls}0x%lXError while processing Event, i.e you're missing an event.Error while processing Event: ID = [%d], HR = [%lx]IsPePlusIsPeFileInfoIsPacked vs BrowserUpdateTool.exe
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameCompanyNameCommentsLegalCopyrightProductNameFileDescriptionLegalTrademarksPeStaticCRC3LengthCRC1IatSkipCRC3CRC2CopyrightCommentsArchitectureTrademarksFileVersionPeStaticsEpSecSectionKCRC2KCRC1KCRC3InternalNameFileDescriptionOriginalFileNamePEUnknownx86ia64x64 vs BrowserUpdateTool.exe

Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ED5F7000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: h2EgHM.VbpMsfk

Source: classification engine

Classification label: clean19.mine.winEXE@14/149@9/5

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

File created: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Mutant created: NULL

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

File created: C:\Users\user\AppData\Local\Temp\f89a6234-c655-4792-86ba-7884a20c76f4.tmp

Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Jump to behavior

Source: BrowserUpdateTool.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts			Jump to behavior

Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT 1 FROM SQLITE_MASTER WHERE type=? AND name=? LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FileLowFiAsync(Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp) VALUES(?, ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM ProcessBlockHistory WHERE ProcessPath = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AnomalyInfo(Key, UnbiasedTime) VALUES (?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(13, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM AutoFeatureControl;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT DISTINCT TableName FROM AnomalyTables;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM FileHashes WHERE FileHashes.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM RansomwareDetections;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE %Q.%s SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM NetworkIpFirewallRules;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RollingQueuesValues(EntryTable, EntryKey, EntryValue, InsertTime, ExpireTime) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, VSN, FileID, USN, InstanceTimeStamp, SHA1, MD5, SHA256, LSHASH, LSHASHS, CTPH, PartialCRC1, PartialCRC2, PartialCRC3, KCRC1, KCRC2, KCRC3, KCRC3n FROM FileHashes WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM FileLowFiAsync;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID from RecordIdentifier WHERE Key = ? AND RecordTimeStamp = ? ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SystemFileCache WHERE CleanFileShaHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(6, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(14, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM DynSigRevisions WHERE DynSigRevisions.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? AND TimeStamp = ? ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE RuleId = ? ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(4, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, Name, Capacity, TimeToLive, Mode FROM RollingQueuesTables WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileStartupActions(FilePathHash, FilePath, ActionFlags, ProcessStartCount, FdrFlags, FdrThreatRecordId, EvaluatorThreatRecordId, TrustedInstallerThreatRecordId, LFRThreatRecordId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileActions(FileInfoId, ThreatRecordId, Action) VALUES (?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(5, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, Name, Count, InsertTime, ExpireTime, UpdateTime, ScalarFactor, LinearFactor, DecayInterval, HighCount, LastDecayTime FROM AtomicCounters WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM FolderGuardPaths WHERE UserIdHash = ? LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RansomwareDetections(Key, DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(12, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT CleanFileSha, CleanFileShaHash FROM SystemFileCache WHERE InstanceTimeStamp < ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT PersistId, PersistIdBlob, ExpirationDate FROM AmsiFileCache WHERE ExpirationDate < DateTime(?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO DynSigRevisions(Key, SdnRevision, EsuRevision, BFRevision, EntCertRevision, TamperRevision, AGBlobRevision, BFFileAllowRevision, BFFileBlockRevision, BFCertAllowRevision, BFCertBlockRevision) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, RecordTimeStamp, Generation FROM RecordIdentifier WHERE RecordIdentifier.ID IN (SELECT FileInstance.RecordID from FileInstance WHERE FileInstance.ParentRecordID = ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT RuleAction, RuleId, IsAudit, IsInherited, State FROM BmHipsRuleInfo WHERE ProcessInfoId = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FirewallRuleName, ExpiryTime FROM NetworkIpFirewallRules WHERE ExpiryTime < ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SystemFileCache;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileInfo(NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SdnEx;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(3, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FileInstance(InstanceTimeStamp, RecordID, ScanID, TrackingEnabled, StorageEvent, StorageEventState, ModificationsCount, ParentRecordID, Parent_FileEvent, Parent_FileName, Parent_ProcessID, Remote_ProcessID, FileID, FileName, USN, CreateTime, LastAccessTime, LastWriteTime, Signer, SignerHash, Issuer, SigningTime, MOTW, MOTWFromParent,IsValidCert, CertInvalidDetails, IsCatalogSigned) VALUES(?, ? , ?, ?, ?, ? , ? , ? , ? , ? , ?, ?, ?, ?, ?, ? , ? , ? , ? , ? , ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT EntryTable, EntryKey, EntryValue, InsertTime, ExpireTime FROM RollingQueuesValues WHERE EntryTable = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AtomicCounters(Key, Name, Count, InsertTime, ExpireTime, UpdateTime, ScalarFactor, LinearFactor, DecayInterval, HighCount, LastDecayTime) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Version, Current, LastUpdated FROM SQLiteGlobals WHERE Current = 1 ORDER BY Version DESC ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM AmsiFileCache WHERE AmsiFileCache.PersistId = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AttributeCounts(Key, Name, Count, InsertTime, ExpireTime) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(28, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AttributePersistContext(Key, FilePath, Context, InsertTime, ExpireTime) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE AtomicCounters SET Name = ?, Count = ?, InsertTime = ?, ExpireTime = ?, UpdateTime = ?, ScalarFactor = ?, LinearFactor = ?, DecayInterval = ?, HighCount = ?, LastDecayTime = ?, WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID from File WHERE SHA1 = ? ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO ScanInfo(SigSeq, PersistSigSeq, ProgenitorPersistSigSeq, ScanAgent, NamedAttributes, PeAttributes, SigAttrEvents, ScanReason, WebURL, EngineID, SigSha) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(DISTINCT ProcessPath) FROM ProcessBlockHistory;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM Engine WHERE EngineVersion = ? AND SigVersion = ? ;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AmsiFileCache(PersistId, PersistIdBlob, ExpirationDate) VALUES (?, ?, DateTime('now', ?));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AttributePersistContext;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM SystemRegistryCache;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(24, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID, NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(11, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RansomwareDetections(Key, DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM RansomwareDetections WHERE InstanceTimeStamp < ?; SELECT Count(1) FROM RansomwareDetections;DELETE FROM RansomwareDetections WHERE Key = ?;SELECT DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces FROM RansomwareDetections WHERE Key = ?;SELECT ID FROM RansomwareDetections WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(31, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmFileStartupActions(FilePathHash, FilePath, ActionFlags, ProcessStartCount, FdrFlags, FdrThreatRecordId, EvaluatorThreatRecordId, TrustedInstallerThreatRecordId, LFRThreatRecordId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM BmFileStartupActions WHERE BmFileStartupActions.FilePathHash = ?;SELECT Count(1) FROM BmFileStartupActions;SELECT ID FROM BmFileStartupActions WHERE BmFileStartupActions.FilePathHash = ?;SELECT FilePathHash, FilePath, ActionFlags, ProcessStartCount, FdrFlags, FdrThreatRecordId, EvaluatorThreatRecordId, TrustedInstallerThreatRecordId, LFRThreatRecordId FROM BmFileStartupActions WHERE FilePathHash = ?\|
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT InfectedFileSHA, ProcFileId, SystemFilePath, CleanFileSha FROM SystemFileCache WHERE InfectedFileSHAHash = ? OR ProcFileIDSystemFileHash = ? ORDER BY InstanceTimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE RuleId = ? ORDER BY TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory ORDER BY TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? AND TimeStamp = ? ORDER BY TimeStamp DESC;SELECT COUNT(DISTINCT ProcessPath) FROM ProcessBlockHistory;DELETE FROM ProcessBlockHistory;SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory WHERE RuleId = ? GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory WHERE ProcessPath = ? ORDER BY TimeStamp DESC LIMIT 1;DELETE FROM ProcessBlockHistory WHERE ProcessPath = ? AND TimeStamp = ?;SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;SELECT ID FROM ProcessBlockHistory WHERE ProcessPath = ?;SELECT COUNT(1) FROM ProcessBlockHistory;DELETE FROM ProcessBlockHistory WHERE TimeStamp < ?;REPLACE INTO ProcessBlockHistory(ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity) VALUES (?, ?, ?, ?, ?, ?, ?, ?);SELECT ProcessPath, TimeStamp FROM ProcessBlockHistory ORDER BY TimeStamp ASC LIMIT 1[3
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM FileLowFiAsync WHERE FileLowFiAsync.Key = ?; DELETE FROM FileLowFiAsync WHERE FileLowFiAsync.Key = ?; SELECT Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp FROM FileLowFiAsync WHERE Key = ?; DELETE FROM FileLowFiAsync WHERE InstanceTimeStamp < ?; SELECT COUNT(1) FROM FileLowFiAsync; INSERT INTO FileLowFiAsync(Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp) VALUES(?, ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM AutoFeatureControl WHERE AutoFeatureControl.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AnomalyTables(Key, TableKey, TableName, KeyName, FirstSeen, LastSeen, UnbiasedMinutes, Value, Order_) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SystemFileCache(InfectedFileSHAHash, InfectedFileSHA, ProcFileIDSystemFileHash, ProcFileId, SystemFilePath, CleanFileSha, CleanFileShaHash, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(16, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(8, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(26, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, TableKey, TableName, KeyName, FirstSeen, LastSeen, UnbiasedMinutes, Value, Order_ FROM AnomalyTables WHERE AnomalyTables.TableKey = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AnomalyTables;
Source: msedgewebview2.exe, 00000002.00000002.2917158670.0000019D09E45000.00000002.00000001.00040000.0000001E.sdmp, Login Data.2.dr	Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(DISTINCT UserIdHash) FROM FolderGuardPaths;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID, PPIDHash, ProcessStartTime, PID, StructVersion, ImageFileName, MonitoringFlags_Flags, MonitoringFlags_VmHardenType, MonitoringFlags_ExemptVmHardenedTypes, CommandLineArgs, HipsInjectionId, FolderGuardId, Flags, LsassReadMemId, MonitoringFlags_Flags2Low, MonitoringFlags_Flags2High FROM BmProcessInfo WHERE PPIDHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO AutoFeatureControl(Key, CurrCount, MaxCount, InstanceTimeStamp) VALUES (?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AtomicCounters ORDER BY InsertTime ASC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID, NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;INSERT INTO BmFileActions(FileInfoId, ThreatRecordId, Action) VALUES (?, ?, ?);SELECT ThreatRecordId, Action FROM BmFileActions WHERE FileInfoId == ?;INSERT INTO BmFileInfo(NormalizedPathHash, DosPathHash, StructVersion, NormalizedPath, DosPath, Wow64Context, MetaContext, IsFromWeb, IsExecutable) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;DELETE FROM BmFileActions;DELETE FROM BmFileInfo;SELECT ID FROM BmFileInfo WHERE NormalizedPathHash = ? OR DosPathHash = ?;SELECT Count(1) FROM BmFileInfo;B
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(20, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT PersistId, PersistIdBlob, ExpirationDate FROM AmsiFileCache WHERE PersistId = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AtomicCounters WHERE AtomicCounters.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(18, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BmProcessInfo WHERE PPIDHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AnomalyInfo;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ValueMapArrayBlob FROM ValueMapArray WHERE Key = ? AND RecordType = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM SystemFileCache WHERE InfectedFileSHAHash = ? OR ProcFileIDSystemFileHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributeCounts WHERE AttributeCounts.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FilePath, Context, InsertTime, ExpireTime FROM AttributePersistContext WHERE Key = ?; SELECT COUNT(1) FROM AttributePersistContext; MpFileStashMaxSizeMpOplocksInSpynetFileSizeLimitMpDisableValidateTrustUseInternalCertFormatMpDisableOSXValidateTrustMpValidateTrustMSIMaxOverlayMpDisableValidateTrustAllowBadCertDirectory%WINDIR%\System32\catroot2%WINDIR%\System32\CatRootMpDisableValidateTrustInternalMachOInfinite loop detected (more that %d instructions executed)PE_SUCCESSPE_END_ENUMERATIONPE_NOMEMORYPE_OVERLAPPINGPE_READPE_WRITEPE_FILEPE_DECOMPRESS_ERRORPE_NOTIMPLEMENTEDPE_UNSUPPORTED_MACHINE_ARCHITECTUREPE_INVALID_SIZEOFOPTIONALHEADERPE_INVALID_OPTIONAL_MAGICPE_INVALID_SIZEOFIMAGEPE_INVALID_IMAGEBASEPE_INVALID_SECTIONALIGNMENTPE_INVALID_FILEALIGNMENTPE_INVALID_DOS_SIGNATUREPE_INVALID_E_LFANEWPE_INVALID_NT_SIGNATUREPE_INVALID_SIZEOFHEADERSPE_INVALID_ARGUMENTSPE_INVALID_VIRTUALSIZEPE_INVALID_VIRTUALADDRESSPE_INVALID_RAWOFFSETPE_INVALID_RAWSIZEPE_INVALID_RVAPE_INVALID_EXPORTSPE_INVALID_DATAPE_ERROR_RESERVEDMpMaxPeExportsInCoreReportsMpMapsHeartbeatDistributionIntervalMpRemediationCheckpointLiveDelayMpMaxSpynetReportsMpMapsHeartbeatDelayOnDetectionMpEnableFriendlyCloudCheckMpDisableMDMPolicyChecksMpHeartbeatControlGroupMpDisableMpsigstubErrorMapsHeartbeatMpDisableExclusionsMapsHeartbeatMpDisableMapsDisableMapsHeartbeatMpDisablePaidEnhancedMapsHeartbeatMpDisableEnhancedMapsHeartbeatMpUrlReputationTimeoutMpMaxRtsdBatchSizeMpEnhancedMapsHeartbeatRateMpDisableRtpChangeMapsHeartbeatMpDisableUninstallMapsHeartbeatMpMapsHeartbeatDelayMpEnableUefiEnumerationInHeartBeatMpDisableUrlReputationMapsMpDisableErrorMapsHeartbeatMpMaxNetworkConnectionReportsInSpynetMpMapsHeartbeatDetectionIntervalMpDisableCachingSampleSubmittedShasMpDisableRemediationCheckpointsMpRemediationCheckpointTimeoutMpSampleSubmissionSizeLimitMpPaidEnhancedMapsHeartbeatDelayMpDisableSetupErrorMapsHeartbeatMpDisableOplocksInSpynetMpMapsHeartbeatRateMpEnhancedMapsHeartbeatDelayMpMaxRtsdCountMpDisablePersistScanHandleOnThreatNotFoundMpDisableAdvSSAndFallbackToWatsonMpDisableSenseHeartbeatEtwMpDisableNetworkInfoInHeartbeatMpDisableRemediationFailTelemetryMpFirmwareEnvironmentVariableQueriesMpDisableDefenderDisableMapsHeartbeatMpDisableTestErrorMapsHeartbeatMpDisableOfflineEnhancedMapsHeartbeatMpOfflineEnhancedMapsHeartbeatRateMpDisableDnsCacheSubmissionWithNRICacheMpOfflineEnhancedMapsHeartbeatDelayMpDisableUrlReputationMapsCachet
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributeCounts ORDER BY InsertTime ASC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT t1.ProcessPath, t1.TimeStamp, t1.TargetPath, t1.RuleId, t1.IsAudit, t1.Action, t1.ProcessTaintReason, t1.ProcessIntegrity FROM ProcessBlockHistory AS t1 INNER JOIN(SELECT ID, ProcessPath, MAX(TimeStamp) AS MostRecentTime FROM ProcessBlockHistory WHERE RuleId = ? GROUP BY ProcessPath) AS t2 ON t1.ID = t2.ID AND t1.TimeStamp = t2.MostRecentTime ORDER BY t1.TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM ValueMapArray WHERE ValueMapArray.Key = ? AND ValueMapArray.RecordType = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(21, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM BmFileInfo;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AtomicCounters;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ThreatRecordId, Action FROM BmFileActions WHERE FileInfoId == ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(17, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmHipsRuleInfo(ProcessInfoId, RuleAction, RuleId, IsAudit, IsInherited, State) VALUES (?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE AttributePersistContext SET FilePath = ?, Context = ?, InsertTime = ?, ExpireTime = ? WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO ProcessInfo(FileName, ProcessId, CommandLine, StartTime, TokenElevation, TokenElevationType, IntegrityLevel) VALUES(? , ? , ? , ? , ? , ? , ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, RecordTimeStamp, Generation FROM RecordIdentifier WHERE ID = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(32, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributePersistContext WHERE AttributePersistContext.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(19, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM NetworkIpFirewallRules WHERE NetworkIpFirewallRules.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BackupProcessInfo(Key, FilePath, FirstStartTime, NextUSN, AutomaticRemovalPolicy, ImpactedCBPNameSpaces, InstanceTimeStamp) VALUES ( ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(22, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM RansomwareDetections WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM SdnEx WHERE SdnEx.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(32, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(29, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM SystemRegistryCache WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM AttributeCounts;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM AmsiFileCache;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AnomalyTables WHERE AnomalyTables.TableKey = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SystemRegistryCache(Key, FileIDHash, RegPath, RegOperation, NewRegType, OldRegType, OldRegData, NewRegData, InstanceTimeStamp) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO File(SHA1, MD5, lshashs, lshash, PartialCRC1, PartialCRC2, PartialCRC3, KCRC1, KCRC2, KCRC3, KCRC3n, Size, SHA256) VALUES(? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?, ?, ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(30, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(23, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM RollingQueuesValues;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO SdnEx(Key, CurrentCount) VALUES (?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(15, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(10, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO BmProcessInfo(PPIDHash, ProcessStartTime, PID, StructVersion, ImageFileName, MonitoringFlags_Flags, MonitoringFlags_VmHardenType, MonitoringFlags_ExemptVmHardenedTypes, CommandLineArgs, HipsInjectionId, FolderGuardId, Flags, LsassReadMemId, MonitoringFlags_Flags2Low, MonitoringFlags_Flags2High)VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM BackupProcessInfo;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FilePath, Context, InsertTime, ExpireTime FROM AttributePersistContext WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM ValueMapArray WHERE RecordType = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT FileInstance.ID FROM FileInstance, RecordIdentifier WHERE FileInstance.RecordID = RecordIdentifier.ID AND RecordIdentifier.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT RecordIdentifier.Key, FileInstance.RecordID, RecordIdentifier.RecordTimeStamp, FileInstance.TrackingEnabled, FileInstance.StorageEvent, FileInstance.StorageEventState, FileInstance.ModificationsCount, FileInstance.ParentRecordID, FileInstance.Parent_FileEvent, FileInstance.Parent_FileName, RecordIdentifier.Generation, FileInstance.FileName, FileInstance.USN, FileInstance.CreateTime, FileInstance.LastAccessTime, FileInstance.LastWriteTime, FileInstance.Signer, FileInstance.SignerHash, FileInstance.Issuer, FileInstance.SigningTime, FileInstance.MOTW, FileInstance.MOTWFromParent, FileInstance.IsValidCert, FileInstance.CertInvalidDetails, FileInstance.IsCatalogSigned, File.SHA1, File.MD5, File.lshashs, File.lshash, File.PartialCRC1, File.PartialCRC2, File.PartialCRC3, File.KCRC1, File.KCRC2, File.KCRC3, File.KCRC3n, File.Size, File.SHA256, ParentProcessInfo.CommandLine, ParentProcessInfo.FileName, ParentProcessInfo.IntegrityLevel, ParentProcessInfo.ProcessId, ParentProcessInfo.StartTime, ParentProcessInfo.TokenElevation, ParentProcessInfo.TokenElevationType, RemoteProcessInfo.CommandLine, RemoteProcessInfo.FileName, RemoteProcessInfo.IntegrityLevel, RemoteProcessInfo.TokenElevation, RemoteProcessInfo.TokenElevationType, ScanInfo.NamedAttributes, ScanInfo.PeAttributes, ScanInfo.PersistSigSeq, ScanInfo.ProgenitorPersistSigSeq, ScanInfo.ScanAgent, ScanInfo.ScanReason, ScanInfo.SigAttrEvents, ScanInfo.SigSeq, ScanInfo.SigSha, ScanInfo.WebURL,Engine.EngineVersion, Engine.SigVersion FROM RecordIdentifier INNER JOIN (FileInstance INNER JOIN File ON FileInstance.FileID = File.ID LEFT OUTER JOIN ProcessInfo as 'ParentProcessInfo' ON FileInstance.Parent_ProcessID = ParentProcessInfo.ID LEFT OUTER JOIN ProcessInfo as 'RemoteProcessInfo' ON FileInstance.Remote_ProcessID = RemoteProcessInfo.ID LEFT OUTER JOIN (ScanInfo INNER JOIN Engine ON ScanInfo.EngineID = Engine.ID) ON FileInstance.ScanID = ScanInfo.ID ) ON RecordIdentifier.ID = FileInstance.RecordID WHERE RecordIdentifier.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(9, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM DynSigRevisions;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM ProcessBlockHistory;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO ValueMapArray(Key, RecordType, ValueMapArrayBlob, InstanceTimeStamp) VALUES(?, ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, Name, Count, InsertTime, ExpireTime FROM AttributeCounts WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key, FileName, SigSeq, SigSha, SigIsSync, InstanceTimeStamp FROM FileLowFiAsync WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BmFileStartupActions WHERE BmFileStartupActions.FilePathHash = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT COUNT(1) FROM FileHashes;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM FileLowFiAsync WHERE FileLowFiAsync.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RecordIdentifier(Key, RecordTimeStamp, Generation) VALUES(?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FolderGuardPaths(UserIdHash, UserId, GUID, Path) VALUES ( ?, ?, ?, ? );SELECT Count(DISTINCT UserIdHash) FROM FolderGuardPaths;DELETE FROM FolderGuardPaths WHERE UserIdHash = ?;SELECT ID FROM FolderGuardPaths WHERE UserIdHash = ? LIMIT 1;SELECT UserId, GUID, Path FROM FolderGuardPaths WHERE UserIdHash = ?N
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(27, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT DetectionGuid, LkgTS, NextUSN, DetectionTS, ProvisionalRemedComplTS, RemedComplTS, ImpactedCBPNameSpaces FROM RansomwareDetections WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO NetworkIpFirewallRules(Key, FirewallRuleName, ExpiryTime) VALUES (?, ?, ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FileHashes(Key, VSN, FileID, USN, InstanceTimeStamp, SHA1, MD5, SHA256, LSHASH, LSHASHS, CTPH, PartialCRC1, PartialCRC2, PartialCRC3, KCRC1, KCRC2, KCRC3, KCRC3n) VALUES(?, ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT FilePath, FirstStartTime, NextUSN, AutomaticRemovalPolicy, ImpactedCBPNameSpaces FROM BackupProcessInfo WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(7, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM RollingQueuesTables WHERE RollingQueuesTables.Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ProcessPath, TimeStamp, TargetPath, RuleId, IsAudit, Action, ProcessTaintReason, ProcessIntegrity FROM ProcessBlockHistory ORDER BY TimeStamp DESC;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO DynSigRevisions(Key, SdnRevision, EsuRevision, BFRevision, EntCertRevision, TamperRevision, AGBlobRevision, BFFileAllowRevision, BFFileBlockRevision, BFCertAllowRevision, BFCertBlockRevision) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);DELETE FROM DynSigRevisions WHERE DynSigRevisions.Key = ?;SELECT Count(1) FROM DynSigRevisions;SELECT ID FROM DynSigRevisions WHERE DynSigRevisions.Key = ?;SELECT Key, SdnRevision, EsuRevision, BFRevision, EntCertRevision, TamperRevision, AGBlobRevision, BFFileAllowRevision, BFFileBlockRevision, BFCertAllowRevision, BFCertBlockRevision FROM DynSigRevisions WHERE Key = ?
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(2, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE AttributeCounts SET Name = ?, Count = ?, InsertTime = ?, ExpireTime = ? WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT (SELECT COUNT() FROM File) + (SELECT COUNT() FROM FileInstance);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO RollingQueuesTables(Key, Name, Capacity, TimeToLive, Mode) VALUES(? , ? , ? , ? , ?);
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO FolderGuardPaths(UserIdHash, UserId, GUID, Path) VALUES ( ?, ?, ?, ? );
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT ID FROM BackupProcessInfo WHERE Key = ?;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: UPDATE SQLiteGlobals SET Current = 0 WHERE Current = 1; INSERT INTO SQLiteGlobals(Version, Current, LastUpdated) VALUES(25, 1, date('now'));
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Count(1) FROM BmFileStartupActions;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: SELECT Key FROM AttributePersistContext ORDER BY InsertTime ASC LIMIT 1;
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: INSERT INTO Engine(EngineVersion, SigVersion) VALUES(? , ? );

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

File read: C:\Users\user\Desktop\BrowserUpdateTool.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\BrowserUpdateTool.exe "C:\Users\user\Desktop\BrowserUpdateTool.exe"
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=BrowserUpdateTool.exe --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=msSmartScreenProtection --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=7536.7584.8340987022922056471
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kbdus.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: omadmapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dmcmnutils.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iri.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dsreg.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mscms.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coloradapterclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwritecore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.web.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: aadwamextension.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: tenantrestrictionsplugin.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netprofm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: npmproxy.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wevtapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: bitsproxy.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncryptprov.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d12.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d12.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d12core.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxilconv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3dscache.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32

Jump to behavior

Source: BrowserUpdateTool.exe

Static PE information: certificate valid

Source: BrowserUpdateTool.exe

Static PE information: Virtual size of .text is bigger than: 0x100000

Source: BrowserUpdateTool.exe

Static PE information: Image base 0x140000000 > 0x60000000

Source: BrowserUpdateTool.exe

Static file information: File size 99319784 > 1048576

Source: BrowserUpdateTool.exe	Static PE information: Raw size of .text is bigger than: 0x100000 < 0x1bf7200
Source: BrowserUpdateTool.exe	Static PE information: Raw size of .data is bigger than: 0x100000 < 0x8fb000
Source: BrowserUpdateTool.exe	Static PE information: Raw size of .rdata is bigger than: 0x100000 < 0x16bfe00
Source: BrowserUpdateTool.exe	Static PE information: Raw size of .rsrc is bigger than: 0x100000 < 0x220a400

Source: BrowserUpdateTool.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: MpGear.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: /_/artifacts/obj/Microsoft.CodeAnalysis.CSharp/Release/net7.0/Microsoft.CodeAnalysis.CSharp.pdbSHA256C source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdbH source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLDriver.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: BTR.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngSvc.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: Microsoft.CodeAnalysis.CSharp.ni.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MsMpEngCP.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF330000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: offreg.pdb source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: KSLD.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: MpGear.pdbGCTL source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: output file name with .pdb extension) source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF33C000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: mpengine.pdbOGPS source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp

PE file contains sections with non-standard names

Source: BrowserUpdateTool.exe

Static PE information: section name: .xdata

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\Parameters	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\Parameters	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior

Queries keyboard layouts

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\wasm FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\blob_storage\e1022566-0e68-48d0-9ea8-87cc2c7265f6 FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user FullSizeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user FullSizeInformation	Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\3ac53f57-dfab-444d-a69f-4fabb3044db1.tmp	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\	Jump to behavior

Source: msedgewebview2.exe, 00000002.00000002.2927846101.00004C64022F0000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: detects_vmware
Source: msedgewebview2.exe, 00000002.00000002.2927502914.00004C6402274000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=2c09c714-845b-4167-9d1d-580102fe89ddLd
Source: msedgewebview2.exe, 00000002.00000002.2932847700.00004C6402C0C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware Virtual USB Mouse
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: azurevirtualmachinename_scrubbed
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: DD:%s:%s:%swailsWindowPRINTSCREENISO-2022-JPgooglecloud%s at %d:%dPREFETCHWT1VFMADDSUBPDVFMADDSUBPSVFMSUBADDPDVFMSUBADDPSprefetchntaprefetchwt1sha256rnds2vaesdeclastvaesenclastvcompresspdvcompresspsvcvttpd2udqvcvttpd2uqqvcvttps2udqvcvttps2uqqvcvttsd2usivcvttss2usivfixupimmpdvfixupimmpsvfixupimmsdvfixupimmssvfmadd132pdvfmadd132psvfmadd132sdvfmadd132ssvfmadd213pdvfmadd213psvfmadd213sdvfmadd213ssvfmadd231pdvfmadd231psvfmadd231sdvfmadd231ssvfmaddsubpdvfmaddsubpsvfmsub132pdvfmsub132psvfmsub132sdvfmsub132ssvfmsub213pdvfmsub213psvfmsub213sdvfmsub213ssvfmsub231pdvfmsub231psvfmsub231sdvfmsub231ssvfmsubaddpdvfmsubaddpsvinsertf128vinserti128vmaskmovdquvpcompressdvpcompressqvpconflictdvpconflictqvphminposuwvpmadd52huqvpmadd52luqvpscatterddvpscatterdqvpscatterqdvpscatterqqvpunpckhqdqvpunpcklqdqvrndscalepdvrndscalepsvrndscalesdvrndscalessvscatterdpdvscatterdpsvscatterqpdvscatterqpsSwapBuffersgdiplus.dllshlwapi.dllLoadCursorWFindWindowWDefDlgProcWWaitMessageInflateRectIsRectEmptyDestroyMenuDestroyIconOutOfMemoryuxtheme.dllDrawMenuBarGetKeyStateShell32.dllBrowserBackBrowserStopBrowserHomeExclusiveOrchain empty%q not found<?sentinel?>DoesNotExistTargetRemoveContent-Typecontent-typeDeleteObjectListAccountsimage/x-iconimage/x-icnsaudio/x-mpegaudio/x-midiaudio/x-aiffaudio/amr-nbaudio/x-mp4akernel32.dllCoInitializeoleaut32.dllVariantClearSysStringLenRoInitializeunknown typeserverPubKeywriteTimeoutError %d: %sUNSIGNED INTSERIALIZABLEmacroman_binarmscii8_binEventSessioninvalid port<(%s,%s),%s>_timestamptz(database)s$%v not foundempty numberReadObjectCBdecode arraydecode sliceAMDisbetter!AuthenticAMDCentaurHaulsGenuineIntelTransmetaCPUGenuineTMx86Geode by NSCVIA VIA VIA KVMKVMKVMKVMMicrosoft HvVMwareVMwareXenVMMXenVMMbhyve bhyve HygonGenuineVortex86 SoCSiS SiS SiS RiseRiseRiseGenuine RDCAccessDeniedca-central-1eu-central-1eu-central-2me-central-1il-central-1[+
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: VMwareVMware
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EF06A000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: azurevirtualmachinename
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: Unknown member: peattributes.%hspe.set_peattribute(name, state) expects boolean "state"ARM_big_endianARM_legacyARM_unpredictable_16bitmachine_32bitmachineaggressive_trim_wsaggressiveimportamd64_imagearm_imageaslr_bit_setbound_imports_inside_imagebyte_reversed_hibyte_reversed_lowcalls_unimplemented_apichecks_if_debugged_documentedchecks_if_debugged_undocumentedchecks_ntglobalflagchecks_processheapchecks_teb_lasterrorchecks_teb_laststatuscode_on_stackdebug_strippeddeep_analysisdeep_apicall_limitdelay_load_imports_inside_imagedetects_virtualpcdetects_vmdetects_vmwaredirty_wx_branchdisable_apicall_limitdisable_drop_mz_onlydisable_dropper_rescandisable_io_redirectiondisable_microcodedisable_seh_limitdisable_static_unpackingdisable_thread_apicall_limitdisable_vmprotectdmg_decompressdmg_entrypointdmg_filealignmentdmg_imagebasedmg_imagesizedmg_importsdmg_invaliddatadmg_machinedmg_not_executable_imagedmg_notcontiguousdmg_optional_magicdmg_overlapping_sectionsdmg_pointertorawdatadmg_relocationsdmg_resource_levelsdmg_resource_namesdmg_resource_offsetdmg_resource_unordereddmg_sectionalignmentdmg_sizeofheadersdmg_sizeofrawdatadmg_special_sectiondmg_truncateddmg_unsupporteddmg_virtualaddressdmg_virtualsizedroppeddt_continue_after_unpackingdt_continue_after_unpacking_damageddt_error_bb_limitdt_error_failed_to_translatedt_error_heur_API_limitdt_error_heur_exit_criteriadt_error_invalid_opcodedt_error_loop_too_complexdt_error_not_enough_memorydt_error_too_many_operandsdt_error_too_many_prefixesdt_error_vmm_page_faultdynmem_APIcalldynmem_checks_if_debugged_docdynmem_checks_if_debugged_undocdynmem_checks_ntglobalflagdynmem_checks_processheapdynmem_detects_virtualpcdynmem_detects_vmdynmem_detects_vmwaredynmem_kernel_scandynmem_reads_vdll_codedynmem_self_modifying_codedynmem_uses_access_violationdynmem_uses_bound_exceptionsdynmem_uses_breakpointsdynmem_uses_div_by_zerodynmem_uses_int_overflowdynmem_uses_invalid_opcodesdynmem_uses_privinstrdynmem_uses_single_steppingdynmem_uses_udbgrddynmem_uses_udbgwrdynmem_uses_unusual_breakpointenable_binlibenable_lshashenable_vmm_growentrybyte55entrybyte60entrybyte90entrypoint_in_headerentrypoint_in_import_tableepatscnstartepatstartentrysectepatstartlastsectepcallnextepinfirstsectepiniatepoutofimageepscn_eqsizesepscn_falignepscn_islastepscn_valignepscn_vfalignepscn_writableepsec_not_executableexecutable_imageexecutble_imageexecutes_from_dynamic_memoryexecutes_from_last_sectionexecutes_from_resourcesextended_pestaticfirstsectwritableforce_dtforce_expensive_processingforce_unpackinggenpackedhandle_large_vahas_checksumhas_delay_load_importshas_many_resourceshas_msilresourceshasappendeddatahasboundimportshasexportshasstandardentryheaderchecksum0hstr_exhaustiveia64_imageimport_via_tlsinv_argumentsinv_datainv_decompress_errorinv_dos_signatureinv_e_lfanewinv_exportsinv_fileinv_filealignmentinv_filesizeinv_imagebaseinv_nomemoryinv_notimplementedinv_nt_signatureinv_optional_magicinv_overlappinginv_rawoffsetinv_rawsizeinv_readinv_rvainv_sect
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: dynmem_detects_vmware
Source: msedgewebview2.exe, 00000002.00000002.2927502914.00004C6402274000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=2c09c714-845b-4167-9d1d-580102fe89dd
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: pea_dynmem_detects_vmware
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: 7zXZ\SystemRoot\Device\0123456789ABCDEF0123456789abcdefpea_epscn_islastpea_epcallnextpea_secmissizepea_epatstartlastsectpea_entrybyte60pea_entrybyte90pea_epiniatpea_usesuninitializedregspea_prefetchtrickspea_issuspiciouspea_isgenericpea_isreportedpea_aggressiveimportpea_enable_binlibpea_enable_lshashpea_many_importspea_self_modifying_codepea_track_direct_importspea_detects_vmpea_detects_vmwarepea_detects_virtualpcpea_is_delphipea_uses_single_steppingpea_uses_bound_exceptionspea_uses_div_by_zeropea_uses_int_overflowpea_uses_invalid_opcodespea_uses_unusual_breakpointpea_checks_if_debugged_documentedpea_disable_io_redirectionpea_suspicious_rebasepea_disable_drop_mz_onlypea_suspicious_stack_geometrypea_suspicious_subsystempea_suspicious_timestamppea_suspicious_valignpea_suspicious_section_fsizepea_suspicious_section_characteristicspea_aggressive_trim_wspea_16bitmachinepea_system_filepea_suspicious_number_of_dirspea_force_unpackingpea_extended_pestaticpea_small_data_directory_countpea_multiple_relocs_same_locationpea_relocs_but_no_relocs_flagpea_suspicious_imagebasepea_no_section_tablepea_no_sectionspea_many_sectionspea_suspicious_image_sizepea_bound_imports_inside_imagepea_delay_load_imports_inside_imagepea_entrypoint_in_import_tablepea_entrypoint_in_headerpea_import_via_tlspea_epsec_not_executablepea_othermachine_imagepea_checks_teb_lasterrorpea_disable_vmprotectpea_checks_teb_laststatuspea_disable_thread_apicall_limitpea_deep_apicall_limitpea_dynmem_uses_div_by_zeropea_dynmem_uses_int_overflowpea_dynmem_uses_bound_exceptionspea_dynmem_uses_privinstrpea_dynmem_uses_breakpointspea_dynmem_uses_single_steppingpea_dynmem_uses_invalid_opcodespea_dynmem_uses_unusual_breakpointpea_dynmem_detects_vmpea_dynmem_detects_vmwarepea_dynmem_detects_virtualpcpea_dynmem_checks_if_debugged_docpea_dynmem_checks_if_debugged_undocpea_dynmem_kernel_scanpea_dynmem_self_modifying_codepea_dt_continue_after_unpackingpea_dt_continue_after_unpacking_damagedpea_loop_jmp_chainpea_droppedpea_reads_vdll_codepea_dynmem_reads_vdll_codepea_verbose_vdll_readspea_scan_internal_datapea_isvbpcodepea_ARM_legacypea_ARM_big_endianpea_ARM_unpredictablepea_isappcontainerpea_checks_ntglobalflagpea_dynmem_checks_ntglobalflagpea_dynmem_checks_processheappea_dt_error_heur_exit_criteriapea_dt_error_too_many_prefixespea_dt_error_invalid_opcodepea_dt_error_too_many_operandspea_dt_error_bb_limitpea_dt_error_loop_too_complexpea_executes_from_last_sectionpea_executes_from_resourcespea_memory_patchedpea_uses_sysenterpea_suspicious_resource_directory_sizepea_suspicious_import_directory_sizepea_invalid_ilt_entrypea_dmg_machinepea_dmg_filealignmentpea_dmg_pointertorawdatapea_dmg_virtualaddresspea_dmg_truncatedpea_dmg_special_sectionpea_dmg_relocationspea_dmg_overlapping_sectionspea_dmg_optional_magicpea_dmg_sizeofheaderspea_dmg_imagebasepea_dmg_imagesizepea_dmg_unsupportedpea_dmg_importspea_dmg_invaliddatapea_dmg_decompresspea_dmg_virtualsizepea_dmg_not_executable_imagepea_dmg_entrypointpea_inv_sizeofoptio
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: Software\Microsoft\Windows DefenderSOFTWARE\Policies\Microsoft\SQMClient\WindowsPhoneSoftware\Policies\Microsoft\SQMClient%windir%\temp%ProgramFiles(x86)%NtGetCachedSigningLevelSOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlockhr=0x%08XThreatTrackingSigSeqEmuldet.Ainvalid hash bucket count&
Source: BrowserUpdateTool.exe, 00000000.00000000.1645209026.00007FF6EECFB000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: pea_detects_vmware
Source: BrowserUpdateTool.exe, 00000000.00000000.1643621541.00007FF6ECAF4000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd
Source: BrowserUpdateTool.exe, 00000000.00000002.2919669132.0000019BCC834000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000002.00000002.2913395921.0000019D05040000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.2900139702.000001D7A202B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Process information queried: ProcessInformation

Jump to behavior

Creates a process in suspended mode (likely to inject code)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView" --webview-exe-name=BrowserUpdateTool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=MojoIpcz --disable-features=msSmartScreenProtection /prefetch:2	Jump to behavior

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=browserupdatetool.exe --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=mssmartscreenprotection --enable-features=mojoipcz --mojo-named-platform-channel-pipe=7536.7584.8340987022922056471
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x160,0x164,0x168,0x13c,0x170,0x7ffdfb1c8e88,0x7ffdfb1c8e98,0x7ffdfb1c8ea8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1788 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2780 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3020 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1724954327302821 --launch-time-ticks=4335514542 --mojo-platform-channel-handle=3508 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\roaming\browserupdatetool.exe\ebwebview" --webview-exe-name=browserupdatetool.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=4536 --field-trial-handle=1792,i,7808837177777861940,6408982360356111554,262144 --enable-features=mojoipcz --disable-features=mssmartscreenprotection /prefetch:2	Jump to behavior

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe	Queries volume information: C:\Users\user\Desktop\BrowserUpdateTool.exe VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation	Jump to behavior

Source: C:\Users\user\Desktop\BrowserUpdateTool.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

ID:	1501393
Product:	CloudBasic
Start time:	21:10:12
Start date:	29.08.2024
Sample:	BrowserUpdateTool.exe
Cookbook:	default.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	9e89fefaa6e3d99c3824d5e68dc8d3a2
SHA1:	d11ea624bdc348af474128d338f012b7caf4b2d3
SHA256:	162e4277a4cb2e3703df74529d83d47b66a5b46b0a93b3ac902b56da3e588fe9
Filetype:	Win64 Executable (generic) (12005/4) 74.95%

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx	data	F82406D91DAD32A842033CE56EA73522	4864C2D6780FF0F8211C4A561EE90F76AE2840E0	CF1AE0AB6FEB70464C9305F3355383B901CCBF0810F335ED5EA2FEB822C46638
C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock	ASCII text, with no line terminators	F49655F856ACB8884CC0ACE29216F511	CB0F1F87EC0455EC349AAA950C600475AC7B7B6B	7852FCE59C67DDF1D6B8B997EAA1ADFAC004A9F3A91C37295DE9223674011FBA
C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val	Matlab v4 mat-file (little endian) (, numeric, rows 0, columns 16, imaginary	16D388D094ECDC534C83C4403965A9F4	F18AC7E0A3D71E92B794DCE0A3832A119A45A4B7	A982B3BE404EBC13123D18E30EF704FA7860379DFD77FE6C0427A43931D6FBC6
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres	data	6507A9985513CBBA5925E33279309B73	5B6C7368BC673CE17B561A27CB5B02B72326EADE	3CF9310F6815CD1D40CC0B9E49B73C8FBAB2FF09B0FBA8B1A8684929FB862096
C:\Users\user\AppData\Local\Temp\f89a6234-c655-4792-86ba-7884a20c76f4.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 87533	A1260E124B605E76B799584F62F6D8E1	0FFAF8FF327A34676904D82456F4F4A72E282C7D	7E7CA792DEA9BB4A343AAFBDCE238EAF2B93DC3F8D5F4134FF9721FAE9ED29BC
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\03c8b3c3-bb83-4931-8d62-92d225459629.tmp	JSON data	4DC801FBD847FF7F8AAFCEEF21D2E13F	85E330CD1645557F7E566165174BDDE5C780B5BB	F75AFF857AE598D5E7CD22006C2BA7983FE71E97ACC14E95E8973542E08663B5
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\48b96472-ead3-4c2f-b09f-c1badecfcc8b.tmp	JSON data	597351182ED73FE7CE67C7013C3DD798	5D55BF1D1B3505B7564E543702A7B72CF5538AC1	F008B87B089BB8718E83BC5C7E680C52E4D84A477C2347ED9B763D0EAE366D28
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\7e34ad29-1df6-41c1-8eb3-72e57ab59d26.tmp	JSON data	45E627DD60E2C3D4A01503DEE4676294	A11EF6EC4DC3EF006324FDF0AEC9ECEA202C3C1E	7D3709BEE8A1B31AFDFBE6D0E1AA2F771DE38CFEE09736A7077BE08142A5F76B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\BrowserMetrics-spare.pma (copy)	data	1045BFD216AE1AE480DD0EF626F5FF39	377E869BC123602E9B568816B76BE600ED03DBD0	439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\BrowserMetrics-spare.pma.tmp	data	1045BFD216AE1AE480DD0EF626F5FF39	377E869BC123602E9B568816B76BE600ED03DBD0	439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\BrowserMetrics\BrowserMetrics-66D0C7C5-1DC8.pma	data	5FF1BA8839448CA1A0B41ED1488806FD	EBE0662FEBDF25A07300B188B6E3AEB24F612C1C	FEB8C505B0A9C2344C1B6EAB2721996F8FEF59FC8D221A32CB6CCB3F203EE3FC
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad\settings.dat	data	B018557E1E8D565CF0E97AA017B69EC8	A6884B5B89FF818352D5C3FE371640BA3F452307	108A52D1A1CA8CD72F727BCC1104A4232125FCCF501FE384924D0A1D5C6B22D2
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Crashpad\throttle_store.dat	ASCII text	9E4E94633B73F4A7680240A0FFD6CD2C	E68E02453CE22736169A56FDB59043D33668368F	41C91A9C93D76295746A149DCE7EBB3B9EE2CB551D84365FFF108E59A61CC304
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\29ff30a6-11b9-4f64-b466-237d1e99ca47.tmp	JSON data	FB7F8FBBFB3233FF27D1CBB9FCA017BC	D99899177FD52CE67F4BB9B69941D079E23A6AF6	F413B9993C4E367F7174F65A749167BCDE4FCF0E040CB5B9BF1D7D285140685C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\8a6fb023-c232-414b-b7d5-ab9f1e20ed5c.tmp	JSON data	6303EA5D75A55BBA2172BF4607F3364E	70EBB3CA805BC33D7E27B9B9B1D196A7C097EA5F	A7326D5CEFD59D4A412E5F98B0C597E54935CB8B92AADAB6FEC9CA00FE52895D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\AssistanceHome\AssistanceHomeSQLite	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1	40B18EC43DB334E7B3F6295C7626F28D	0E46584B0E0A9703C6B2EC1D246F41E63AF2296F	85E961767239E90A361FB6AA0A3FD9DAA57CAAF9E30599BB70124F1954B751C8
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\data_0	data	EA02032347AB636041010CE716469DE6	B22C97AA451F05A68D90CBBD41E78D52E2340C16	C51DBECAC5A37A32968E14629A4B8B08751781AFCDAA7DE4637EA42FAAF73C97
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\data_1	data	E7BC473073E47851A02698D3DAD857B3	C887F5DE90BCC937483416E0CC408B91CA66BCBF	187B9BD0E95417B601FC9A6617194718FA3AF88C1AF2E4A4EF028BDBB2B07EB8
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\data_2	data	93F420E14FA18AA6B6223D1EDB18E4AC	CE07B5E0C2E17B7613BC66DAE8D75FA0519B46AF	8041D26D7F85E39D39EDD414F9AA62786E6EDE2F5004EFD7C744ACEED1801571
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\data_3	data	B412EF197E11FF4C5668042900321C73	D3F6C4C5E25A0407EAC634CF4ED757A6EC1043CC	A8A3C5D0D676822E86C308E7577BC18664B44F0E89B6A513749350F0AB8B2FC8
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\f_000001	ASCII text, with very long lines (65447)	2C872DBE60F4BA70FB85356113D8B35E	EE48592D1FFF952FCF06CE0B666ED4785493AFDC	FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\f_000002	Web Open Font Format (Version 2), TrueType, length 18536, version 1.0	8EFF0B8045FD1959E117F85654AE7770	227FEE13CEB7C410B5C0BB8000258B6643CB6255	89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\f_000003	Web Open Font Format (Version 2), TrueType, length 18588, version 1.0	115C2D84727B41DA5E9B4394887A8C40	44F495A7F32620E51ACCA2E78F7E0615CB305781	AE0E442895406E9922237108496C2CD60F4947649A826463E2DA9860B5C25DD6
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\f_000004	Web Open Font Format (Version 2), TrueType, length 18596, version 1.0	C83E4437A53D7F849F9D32DF3D6B68F3	FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC	D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Cache\Cache_Data\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	A89032EF3C593F1E9906965F075D8359	DBF77B8D60028B291D833C248720F264B4D1BD05	B20B9C1367F5CAF2A4703B24A523BFD00A4120EA7672B1BD8E7CA83E52626558
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\1afe9cacc9803fd2_0	data	A52DB39DB77D503FBB1306587F87B6BF	489A8AAAA08994B561AE85CA2CC94714DC73DFE4	218E8EF377CC6F3C376D52D9A0EAA155C7F55A3659B6EC5490BDA0C537E52BF4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\91edad15745f1295_0	data	892D3617420FBD940826E6D87812F9D9	29D53935D339A01B41C60EC5392C9B240E4F5C67	1536661A569DA4B344E9251CEA3A1A260E3A35CCD20149598CBA7B22CF28EAE7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\ce7a59cbee8b4379_0	data	BFEC69FB2A56A98EE7D82047B71746C2	38863903378501B4ADD782F053519EE52E1FC84B	4E87491595750EE8F868F046A36A4D5003612F14CF4E1FAB96718F0F8B4D28DA
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\index	data	54CB446F628B2EA4A5BCE5769910512E	C27CA848427FE87F5CF4D0E0E3CD57151B0D820D	FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\index-dir\temp-index	data	A894008AEB6ED84CF1E8666352F38D0E	549310D1735DB12EE2ED6C9BEE63BD194CFD77C4	60295DF584F97E660860939FC109029254BA5C383A641C980D78D9342E3456D6
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index (copy)	data	A894008AEB6ED84CF1E8666352F38D0E	549310D1735DB12EE2ED6C9BEE63BD194CFD77C4	60295DF584F97E660860939FC109029254BA5C383A641C980D78D9342E3456D6
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RF427fed.TMP (copy)	data	A894008AEB6ED84CF1E8666352F38D0E	549310D1735DB12EE2ED6C9BEE63BD194CFD77C4	60295DF584F97E660860939FC109029254BA5C383A641C980D78D9342E3456D6
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\wasm\index	data	54CB446F628B2EA4A5BCE5769910512E	C27CA848427FE87F5CF4D0E0E3CD57151B0D820D	FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\wasm\index-dir\temp-index	data	2112EA53B53BC1259CC0F52527C5D467	36A8911CD8AF6769FD1FB5BD1D93EF7A23FDAA21	76456BA1A5700874897CB90425342F669F70798A82B7FF30219C59E66511E005
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index (copy)	data	2112EA53B53BC1259CC0F52527C5D467	36A8911CD8AF6769FD1FB5BD1D93EF7A23FDAA21	76456BA1A5700874897CB90425342F669F70798A82B7FF30219C59E66511E005
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\DIPS	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1	EDC9B99EF8E974C5C88DF2AA3955F424	740A3AAF69FDFA90FC339F8BB5B7421D13262730	3B8EBFF5E75B0C87AAE9F19883B58EB71FC9AC066DC3ED2A21C0876FF17DD099
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\DawnCache\data_0	FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0	CF89D16BB9107C631DAABF0C0EE58EFB	3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B	D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\DawnCache\data_1	data	D0D388F3865D0523E451D6BA0BE34CC4	8571C6A52AACC2747C048E3419E5657B74612995	902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\DawnCache\data_2	data	0962291D6D367570BEE5454721C17E11	59D10A893EF321A706A9255176761366115BEDCB	EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\DawnCache\data_3	data	41876349CB12D6DB992F1309F22DF3F0	5CF26B3420FC0302CD0A71E8D029739B8765BE27	E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\DawnCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	0BB301B944489240BA898A405E7E0F36	24CE08B16528ADEBC88EF6E594858C444A0E6DE4	9329F8B472F899ACA2A6D923BA4D98016021B40446EC7B906917B7ECA3F1B861
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\EdgeEDrop\EdgeEDropSQLite.db	SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8, version-valid-for 14	CF7760533536E2AF66EA68BC3561B74D	E991DE2EA8F42AE7E0A96A3B3B8AF87A689C8CCD	E1F183FAE5652BA52F5363A7E28BF62B53E7781314C9AB76B5708AF9918BE066
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Rules\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Rules\000003.log	data	51A2CBB807F5085530DEC18E45CB8569	7AD88CD3DE5844C7FC269C4500228A630016AB5B	1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Rules\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Rules\LOG	ASCII text	28F8C1C73D58A78AEF02F17A4CDE234B	31E7760193A7510EAD506B36AEFA7B0029A6542E	0BD368F38C4FED2F4337A6CFD086C5F6456519C526CCBE30C55C584F548FB8B3
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Rules\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Scripts\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Scripts\000003.log	data	51A2CBB807F5085530DEC18E45CB8569	7AD88CD3DE5844C7FC269C4500228A630016AB5B	1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Scripts\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Scripts\LOG	ASCII text	3541A6435A0A6C8CEEFA03BF66FB39E6	27710DF2BBAFC0B2CB4A091868C5F83EDA008D3D	941376AA81DECC01727EBD531EE38784C75FBC674C2C2A2E8BC697DCBDF41B5A
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension Scripts\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension State\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension State\000003.log	data	891A884B9FA2BFF4519F5F56D2A25D62	B54A3C12EE78510CB269FB1D863047DD8F571DEA	E2610960C3757D1757F206C7B84378EFA22D86DCF161A98096A5F0E56E1A367E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension State\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension State\LOG	ASCII text	341BE6D7C86B8585E0C23EC4223C39B7	6CEE943E7123B3625C9F94C194F4D3CC6459BAD6	6A56F135053E4479C19DDDC9C75A3128BAB3BD84BA83642446DD7A76952671DD
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Extension State\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\ExtensionActivityComp	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1	2554AD7847B0D04963FDAE908DB81074	F84ABD8D05D7B0DFB693485614ECF5204989B74A	F6EF01E679B9096A7D8A0BD8151422543B51E65142119A9F3271F25F966E6C42
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\ExtensionActivityEdge	SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2	1A7F642FD4F71A656BE75B26B2D9ED79	51BBF587FB0CCC2D726DDB95C96757CC2854CFAD	B96B6DDC10C29496069E16089DB0AB6911D7C13B82791868D583897C6D317977
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Favicons	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie 0x8, schema 4, UTF-8, version-valid-for 1	F5BBD8449A9C3AB28AC2DE45E9059B01	C569D730853C33234AF2402E69C19E0C057EC165	825FF36C4431084C76F3D22CE0C75FA321EA680D1F8548706B43E60FCF5B566E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\GPUCache\data_0	FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0	CF89D16BB9107C631DAABF0C0EE58EFB	3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B	D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\GPUCache\data_1	data	D0D388F3865D0523E451D6BA0BE34CC4	8571C6A52AACC2747C048E3419E5657B74612995	902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\GPUCache\data_2	data	0962291D6D367570BEE5454721C17E11	59D10A893EF321A706A9255176761366115BEDCB	EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\GPUCache\data_3	data	41876349CB12D6DB992F1309F22DF3F0	5CF26B3420FC0302CD0A71E8D029739B8765BE27	E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\GPUCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	51434BE69836D1D5DD8039CA50250030	F50BAA013124AF51CD847A5164A2A42347DC5F96	E8ACE6CE1B80AAFE3BCA4D493B146D0E84D59ADA56DF4E0EE95C11B7664AE09C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\History	SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2	2C8E2472325F9B5D5435A01884648B14	3C0178D28D1B0156F4F39AB13B327E225B91DB7D	A2733782F4A4C3B520B7088BE2E0E66EB2E0D1A396F79508217ED8AF8BE87553
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\History-journal	data	56F72D55683AEA8C2ABB6CBA5F4FC108	C8F55A8B32E47EC0799A4530FEF2A3947BDBEB4D	BC409EB89E735C929A969173FD3372AC463F4CDED32FF2D65577BFDD4FD49A4F
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Local Storage\leveldb\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Local Storage\leveldb\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Local Storage\leveldb\LOG	ASCII text	5622766E2DFAD88A49DCF7C52431F50F	77E40C067882FF8E229FE8B9658801742960CF40	E4F20C0316E02EBAB74BEC63B7424FB143A056D9674EED8243F2BD167C76E4D7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Login Data	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 21, cookie 0xc, schema 4, UTF-8, version-valid-for 1	FB3D677576C25FF04A308A1F627410B7	97D530911F9CB0C37717ABB145D748982ADA0440	A79300470D18AF26E3C5B4F23F81915B92D490105CE84A8122BF8100EC0C7517
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network Action Predictor	SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3	ADC0CFB8A1A20DE2C4AB738B413CBEA4	238EF489E5FDC6EBB36F09D415FB353350E7097B	7C071E36A64FB1881258712C9880F155D9CBAC693BADCC391A1CB110C257CC37
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\3ac53f57-dfab-444d-a69f-4fabb3044db1.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\521bd3da-044a-457a-bf4c-25ae3fe771d5.tmp	JSON data	2800881C775077E1C4B6E06BF4676DE4	2873631068C8B3B9495638C865915BE822442C8B	226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\5296a21c-cedd-44a4-8f43-06ace8124daa.tmp	JSON data	B04D969BAC3DC11EEB498E0DF848D731	837C988A5C67F86B18C957077F35D2E1CB8F413A	D8DCDD2E175E15D37F01C66A7360C90988CF81D7824E6EA3A4FDD543C83C73F7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\Cookies	SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7	CFFF4E2B77FC5A18AB6323AF9BF95339	3AA2C2115A8EB4516049600E8832E9BFFE0C2412	EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\Network Persistent State (copy)	JSON data	2800881C775077E1C4B6E06BF4676DE4	2873631068C8B3B9495638C865915BE822442C8B	226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\Network Persistent State~RF434271.TMP (copy)	JSON data	2800881C775077E1C4B6E06BF4676DE4	2873631068C8B3B9495638C865915BE822442C8B	226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 5	B21F4A05EA369FB305D76FFCC72D9966	16B5232136E2995EE7A8FC20755E659FC39D3AF7	75621D3A43E140CDE4E1C38EF104066043B01437F9D56281C0A80E41E3F2A825
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\SCT Auditing Pending Reports~RF4228a5.TMP (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\Sdch Dictionaries (copy)	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\Trust Tokens	SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3	25363ADC3C9D98BAD1A33D0792405CBF	D06E343087D86EF1A06F7479D81B26C90A60B5C3	6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\c7dc1db3-3e15-4378-b821-bd833f105d83.tmp	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Network\d649fc31-4291-4e1c-a28f-3a0c5adf4686.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Preferences (copy)	JSON data	FB7F8FBBFB3233FF27D1CBB9FCA017BC	D99899177FD52CE67F4BB9B69941D079E23A6AF6	F413B9993C4E367F7174F65A749167BCDE4FCF0E040CB5B9BF1D7D285140685C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Preferences~RF42c245.TMP (copy)	JSON data	FB7F8FBBFB3233FF27D1CBB9FCA017BC	D99899177FD52CE67F4BB9B69941D079E23A6AF6	F413B9993C4E367F7174F65A749167BCDE4FCF0E040CB5B9BF1D7D285140685C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Preferences~RF433775.TMP (copy)	JSON data	FB7F8FBBFB3233FF27D1CBB9FCA017BC	D99899177FD52CE67F4BB9B69941D079E23A6AF6	F413B9993C4E367F7174F65A749167BCDE4FCF0E040CB5B9BF1D7D285140685C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\PreferredApps	JSON data	2B432FEF211C69C745ACA86DE4F8E4AB	4B92DA8D4C0188CF2409500ADCD2200444A82FCC	42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\README	ASCII text, with no line terminators	643E00B0186AA80523F8A6BED550A925	EC4056125D6F1A8890FFE01BFFC973C2F6ABD115	A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Secure Preferences (copy)	JSON data	6303EA5D75A55BBA2172BF4607F3364E	70EBB3CA805BC33D7E27B9B9B1D196A7C097EA5F	A7326D5CEFD59D4A412E5F98B0C597E54935CB8B92AADAB6FEC9CA00FE52895D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Session Storage\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Session Storage\000003.log	data	9A3DBEF8FA326246CAE0BFC5B462CBF2	B46770B5733A18E878F564054F8385F6ACCCEA80	8254B8E2F0A1DF0C2675BFD87DF2299D3F0799A270B34A767C70C4C558A5FFBB
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Session Storage\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Session Storage\LOG	ASCII text	BF1B4B3D2A4F3655B256A9B4529CBA14	A19D5FEDFAFC1268750A5A6872B4EA7FD7AD4B90	CCF2D000809BC5C783F03CD2BD154B6C95F3E0C2D66024AF5910B9615E364666
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Session Storage\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Site Characteristics Database\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Site Characteristics Database\000003.log	data	148079685E25097536785F4536AF014B	C5FF5B1B69487A9DD4D244D11BBAFA91708C1A41	F096BC366A931FBA656BDCD77B24AF15A5F29FC53281A727C79F82C608ECFAB8
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Site Characteristics Database\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Site Characteristics Database\LOG	ASCII text	CA5FFAF5854AA6AB3A50CA6BDD2869BE	3D60603046CC27115C0A4BA13DA7990236163298	9BF96EF46949D6F7BD72352A7D961BF5916EA53F4E4CF19890AAC5DDB193F09F
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Site Characteristics Database\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Sync Data\LevelDB\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Sync Data\LevelDB\000003.log	data	90881C9C26F29FCA29815A08BA858544	06FEE974987B91D82C2839A4BB12991FA99E1BDD	A2CA52E34B6138624AC2DD20349CDE28482143B837DB40A7F0FBDA023077C26A
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Sync Data\LevelDB\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Sync Data\LevelDB\LOG	ASCII text	7AACE87B0F6B92B2CB51A0EE38B73102	A7660A95F1E52F70FAAB579CAE96FBFBD7AA88F7	085A6818A9DE4BA86EFE3EA13EB7B69CCCCAA812E5D8A042FDFBF2BEB37C1735
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Top Sites	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1	F2B4FB2D384AA4E4D6F4AEB0BBA217DC	2CD70CFB3CE72D9B079170C360C1F563B6BF150E	1ECC07CD1D383472DAD33D2A5766625009EA5EACBAEDE2417ADA1842654CBBC8
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Visited Links	data	34099300F5F52DDC1704BE05204BA690	4208125C217F76A1062B133132DB48D85EACB73A	0B841FC922C2916957DEDD4406F703164D4B4BEA5155AB40ACFC1383CEA816EA
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\Web Data	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 87, cookie 0x36, schema 4, UTF-8, version-valid-for 3	6B2D5ED0A90C99FD05D58FE8E924C886	34E1103E18E57E9D1769C89DFB2DAD84BFDD54B5	2873E973AB5B91CD07405FD5D35E2A843A408AD53696372BEC794F4582368E49
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\e5e6155a-1c59-47cc-ac23-53d883c0990d.tmp	JSON data	C103B5F28C1549165795862F9C2E453A	1F72D11B699D059A515B9C8EF66CA5F2D3AFEC61	8937894FCB27A39085F2E2FABFD8489A68E9E82D4C854E1201F4BB2E8FFDC503
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\ead8be59-5ced-4156-a568-3a7c8885b37f.tmp	JSON data	217F811786241A10591579E14B6A1536	C787628A4348E87D5834BBDBB579C99D90E670E0	8A94E766ABFA7A3A95956024FFE172CDF793FEC90E051B564BBF3D780C64D247
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\heavy_ad_intervention_opt_out.db	SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2	D2CCDC36225684AAE8FA563AFEDB14E7	3759649035F23004A4C30A14C5F0B54191BEBF80	080AEE864047C67CB1586A5BA5EDA007AFD18ECC2B702638287E386F159D7AEE
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\000003.log	data	00C0DEFAC69CFE6E18C6FD4D684D6625	F80E1AB029E1116EE2FE85B2ECBF0959CCE884A7	1FCAFCF037F8CE32A6EB94539F4A7D67FC51FE2BD8EDBD95C1D0322841EEC8A2
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\LOG	ASCII text	880E890D72CC2DEA660518C1B70AA1FF	66A790E0F97BA03E3AB287743D47929310B58805	33C64909518E10B8DCEC7CB91C5EFBCF298916761272AA0C447F878B911C410D
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\metadata\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\metadata\000003.log	data	1DE951E901ED35E532EEBE62E25D7B68	31CC63C8C6AD38F1AD9EC5B75391E5E642D5EB73	19A8D45F22049CA45CCCF3CE04A1C3BA194B7CE6DB6F94FBDEBC95D5A3F55B23
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\metadata\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\metadata\LOG	ASCII text	2EA8493C5B2B625384206E45223652D5	438A83AC424F6667DABC52E3E24E0A27B64D3987	0F7D4254CCAF4B083756D8D53B5B8C04F5BDEBA9FE778B54F1AF971DBE5A125B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Default\shared_proto_db\metadata\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GrShaderCache\data_0	FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0	CF89D16BB9107C631DAABF0C0EE58EFB	3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B	D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GrShaderCache\data_1	data	D0D388F3865D0523E451D6BA0BE34CC4	8571C6A52AACC2747C048E3419E5657B74612995	902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GrShaderCache\data_2	data	0962291D6D367570BEE5454721C17E11	59D10A893EF321A706A9255176761366115BEDCB	EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GrShaderCache\data_3	data	41876349CB12D6DB992F1309F22DF3F0	5CF26B3420FC0302CD0A71E8D029739B8765BE27	E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GrShaderCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	42519D2C8C0A58D3BCC2D62293F53A23	01A1F240945ACA601216933F2FA914384E20C687	F3E102BD4B312E99FBDD8D4C2EB31092C0464AB6A36A21EB746076C4DF8040C5
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GraphiteDawnCache\data_0	FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0	CF89D16BB9107C631DAABF0C0EE58EFB	3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B	D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GraphiteDawnCache\data_1	data	D0D388F3865D0523E451D6BA0BE34CC4	8571C6A52AACC2747C048E3419E5657B74612995	902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GraphiteDawnCache\data_2	data	0962291D6D367570BEE5454721C17E11	59D10A893EF321A706A9255176761366115BEDCB	EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GraphiteDawnCache\data_3	data	41876349CB12D6DB992F1309F22DF3F0	5CF26B3420FC0302CD0A71E8D029739B8765BE27	E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\GraphiteDawnCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	FC224A8D7676D438F61983E8A31A131E	09E96891E38BE8EAE72513663A38A60F038F8EEA	E70EBCDC16153D364BB90A20AD7345D715CFBB0478EACCF9294F8AF92BBCA964
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Last Version	ASCII text, with no line terminators	BF16C04B916ACE92DB941EBB1AF3CB18	FA8DAEAE881F91F61EE0EE21BE5156255429AA8A	7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Local State (copy)	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Local State~RF42251b.TMP (copy)	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Local State~RF422588.TMP (copy)	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Local State~RF424bec.TMP (copy)	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Local State~RF4335ee.TMP (copy)	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Local State~RF439c59.TMP (copy)	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\ShaderCache\data_0	FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0	CF89D16BB9107C631DAABF0C0EE58EFB	3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B	D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\ShaderCache\data_1	data	D0D388F3865D0523E451D6BA0BE34CC4	8571C6A52AACC2747C048E3419E5657B74612995	902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\ShaderCache\data_2	data	0962291D6D367570BEE5454721C17E11	59D10A893EF321A706A9255176761366115BEDCB	EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\ShaderCache\data_3	data	41876349CB12D6DB992F1309F22DF3F0	5CF26B3420FC0302CD0A71E8D029739B8765BE27	E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\ShaderCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	B20F4CBDF801AA8BC5F9F7CF7B8842D9	A6127220BFE5588E160497751E85F64C4F090DAD	F55A6478AC021213A76DED255EFBB10BCDAA0DE30AAD7A45FFBE6AA204319AFE
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\Variations	JSON data	961E3604F228B0D10541EBF921500C86	6E00570D9F78D9CFEBE67D4DA5EFE546543949A7	F7B24F2EB3D5EB0550527490395D2F61C3D2FE74BB9CB345197DAD81B58B5FED
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\e155d714-65be-4e97-807c-4bac3ce3834c.tmp	JSON data	B0C5EEA8E0740CC40C65A22372253B63	11D501043EBECAABF8E928ABBA9E4860518483B5	B520E67435939C64C93991B123FEFB5EC6F48C73BE66FBD87637191AA4F17669
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\e2ef58de-f2e6-4903-a54a-cf2cce2335af.tmp	JSON data	4174B8EECBF601AC37013C11274AB68F	93C8F04D033829764CC20F9ECA7A12D594C34322	93AB8EF692BFAA122F4BA098483831D2C53D55723A5922FC1664C8AA161FB98C
C:\Users\user\AppData\Roaming\BrowserUpdateTool.exe\EBWebView\e707b652-7fb0-4f82-9b4b-cca4e64c1614.tmp	JSON data	B68AD5D7AFDB81AEE73849FC41B86E33	95240C244F7D11F5138315D5E2ADEE2D3114846B	9CCE30BBDAE77E1DF3F50EE44B35440FA4EA49E64DB4B3A5D4668E537EA648B3

Windows Analysis Report
BrowserUpdateTool.exe

Overview

General Information

Detection

Signatures

Classification

Signatures

Bitcoin Miner

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Data Obfuscation

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Windows Analysis Report BrowserUpdateTool.exe

Overview

General Information

Detection

Signatures

Classification

Signatures

Bitcoin Miner

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Data Obfuscation

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Windows Analysis Report
BrowserUpdateTool.exe