Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
| Sample name: | file.exe |
| Analysis ID: | 1502268 |
| MD5: | 4ea77c57cb0e4de372edd5e2d1ae4a82 |
| SHA1: | 0eb5ce10901508bd6617b8312cfbe41e1ebf7b23 |
| SHA256: | accf43f97945d8b74f25174f9b69a8df69bd60386bd1a74ae53bc7c927495bfc |
| Tags: | exe |
| Infos: | |
 | |
Detection
| Score: | 72 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Maps a DLL or memory area into another process
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Sleep loop found (likely to delay execution)
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
file.exe (PID: 1456 cmdline: "C:\Users\ user\Deskt op\file.ex e" MD5: 4EA77C57CB0E4DE372EDD5E2D1AE4A82) 
msedge.exe (PID: 3428 cmdline: "C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --kiosk --edge-ki osk-type=f ullscreen --no-first -run --dis able-featu res=Transl ateUI --di sable-popu p-blocking --disable -extension s --no-def ault-brows er-check - -app=https ://account s.google.c om/Service Login?serv ice=accoun tsettings& continue=h ttps://mya ccount.goo gle.com/si gninoption s/password MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 4776 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=net work.mojom .NetworkSe rvice --la ng=en-GB - -service-s andbox-typ e=none --m ojo-platfo rm-channel -handle=21 12 --field -trial-han dle=1752,i ,152352593 4128542729 9,20140340 7017272253 9,262144 - -disable-f eatures=Tr anslateUI /prefetch: 3 MD5: BF154738460E4AB1D388970E1AB13FAB)
- msedge.exe (PID: 5224 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --kiosk --edge-ki osk-type=f ullscreen --no-first -run --dis able-featu res=Transl ateUI --di sable-popu p-blocking --disable -extension s --no-def ault-brows er-check - -app=https ://account s.google.c om/Service Login?serv ice=accoun tsettings& continue=h ttps://mya ccount.goo gle.com/si gninoption s/password --flag-sw itches-beg in --flag- switches-e nd --disab le-nacl -- do-not-de- elevate MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 2528 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=net work.mojom .NetworkSe rvice --la ng=en-GB - -service-s andbox-typ e=none --m ojo-platfo rm-channel -handle=22 84 --field -trial-han dle=2092,i ,127107723 7564560840 0,81409704 0971992370 3,262144 - -disable-f eatures=Tr anslateUI /prefetch: 3 MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 8328 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=ass et_store.m ojom.Asset StoreServi ce --lang= en-GB --se rvice-sand box-type=a sset_store _service - -mojo-plat form-chann el-handle= 7252 --fie ld-trial-h andle=2092 ,i,1271077 2375645608 400,814097 0409719923 703,262144 --disable -features= TranslateU I /prefetc h:8 MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 8340 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=ent ity_extrac tion_servi ce.mojom.E xtractor - -lang=en-G B --servic e-sandbox- type=entit y_extracti on --onnx- enabled-fo r-ee --moj o-platform -channel-h andle=4864 --field-t rial-handl e=2092,i,1 2710772375 645608400, 8140970409 719923703, 262144 --d isable-fea tures=Tran slateUI /p refetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB) 
identity_helper.exe (PID: 8416 cmdline: "C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \117.0.204 5.55\ident ity_helper .exe" --ty pe=utility --utility -sub-type= winrt_app_ id.mojom.W inrtAppIdS ervice --l ang=en-GB --service- sandbox-ty pe=none -- mojo-platf orm-channe l-handle=7 476 --fiel d-trial-ha ndle=2092, i,12710772 3756456084 00,8140970 4097199237 03,262144 --disable- features=T ranslateUI /prefetch :8 MD5: F8CEC3E43A6305AC9BA3700131594306) - identity_helper.exe (PID: 8428 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \117.0.204 5.55\ident ity_helper .exe" --ty pe=utility --utility -sub-type= winrt_app_ id.mojom.W inrtAppIdS ervice --l ang=en-GB --service- sandbox-ty pe=none -- mojo-platf orm-channe l-handle=7 476 --fiel d-trial-ha ndle=2092, i,12710772 3756456084 00,8140970 4097199237 03,262144 --disable- features=T ranslateUI /prefetch :8 MD5: F8CEC3E43A6305AC9BA3700131594306)
- msedge.exe (PID: 8880 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --no-st artup-wind ow --win-s ession-sta rt /prefet ch:5 MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 9200 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=net work.mojom .NetworkSe rvice --la ng=en-GB - -service-s andbox-typ e=none --m ojo-platfo rm-channel -handle=23 80 --field -trial-han dle=2120,i ,132410682 2207585202 2,17189504 9412403201 8,262144 / prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 7088 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=ass et_store.m ojom.Asset StoreServi ce --lang= en-GB --se rvice-sand box-type=a sset_store _service - -mojo-plat form-chann el-handle= 2108 --fie ld-trial-h andle=2120 ,i,1324106 8222075852 022,171895 0494124032 018,262144 /prefetch :8 MD5: BF154738460E4AB1D388970E1AB13FAB)
- msedge.exe (PID: 8416 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --no-st artup-wind ow --win-s ession-sta rt /prefet ch:5 MD5: BF154738460E4AB1D388970E1AB13FAB) - msedge.exe (PID: 420 cmdline:
"C:\Progra m Files (x 86)\Micros oft\Edge\A pplication \msedge.ex e" --type= utility -- utility-su b-type=net work.mojom .NetworkSe rvice --la ng=en-GB - -service-s andbox-typ e=none --m ojo-platfo rm-channel -handle=19 32 --field -trial-han dle=2032,i ,114733713 7032743019 8,70850083 0122576135 6,262144 / prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | Virustotal: | Perma Link | ||
| Source: | Integrated Neural Analysis Model: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Static PE information: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Code function: | 0_2_0057DBBE | |
| Source: | Code function: | 0_2_0054C2A2 | |
| Source: | Code function: | 0_2_005868EE | |
| Source: | Code function: | 0_2_0058698F | |
| Source: | Code function: | 0_2_0057D076 | |
| Source: | Code function: | 0_2_0057D3A9 | |
| Source: | Code function: | 0_2_00589642 | |
| Source: | Code function: | 0_2_0058979D | |
| Source: | Code function: | 0_2_00589B2B | |
| Source: | Code function: | 0_2_00585C97 | |
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | Code function: | 0_2_0058CE44 | |
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DoH DNS queries detected: | ||
| Source: | DoH DNS queries detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Code function: | 0_2_0058EAFF | |
| Source: | Code function: | 0_2_0058ED6A | |
| Source: | Code function: | 0_2_0058EAFF | |
| Source: | Code function: | 0_2_0057AA57 | |
| Source: | Code function: | 0_2_005A9576 | |
System Summary | |
|---|
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | memstr_130af297-5 | |
| Source: | String found in binary or memory: | memstr_1b860f9b-a | |
| Source: | String found in binary or memory: | memstr_fc23e203-7 | |
| Source: | String found in binary or memory: | memstr_c5836b66-1 | |
| Source: | Code function: | 0_2_0057D5EB | |
| Source: | Code function: | 0_2_00571201 | |
| Source: | Code function: | 0_2_0057E8F6 | |
| Source: | Code function: | 0_2_00582046 | |
| Source: | Code function: | 0_2_00518060 | |
| Source: | Code function: | 0_2_00578298 | |
| Source: | Code function: | 0_2_0054E4FF | |
| Source: | Code function: | 0_2_0054676B | |
| Source: | Code function: | 0_2_005A4873 | |
| Source: | Code function: | 0_2_0051CAF0 | |
| Source: | Code function: | 0_2_0053CAA0 | |
| Source: | Code function: | 0_2_0052CC39 | |
| Source: | Code function: | 0_2_00546DD9 | |
| Source: | Code function: | 0_2_0052B119 | |
| Source: | Code function: | 0_2_005191C0 | |
| Source: | Code function: | 0_2_00531394 | |
| Source: | Code function: | 0_2_0053781B | |
| Source: | Code function: | 0_2_0052997D | |
| Source: | Code function: | 0_2_00517920 | |
| Source: | Code function: | 0_2_00537A4A | |
| Source: | Code function: | 0_2_00537CA7 | |
| Source: | Code function: | 0_2_0059BE44 | |
| Source: | Code function: | 0_2_00549EEE | |
| Source: | Code function: | 0_2_0051BF40 | |
| Source: | Static PE information: | ||
| Source: | Classification label: | ||
| Source: | Code function: | 0_2_005837B5 | |
| Source: | Code function: | 0_2_005710BF | |
| Source: | Code function: | 0_2_005716C3 | |
| Source: | Code function: | 0_2_005851CD | |
| Source: | Code function: | 0_2_0059A67C | |
| Source: | Code function: | 0_2_0058648E | |
| Source: | Code function: | 0_2_005142A2 | |
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Virustotal: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Window detected: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Code function: | 0_2_005142DE | |
| Source: | Code function: | 0_2_00530A89 | |
| Source: | Registry value created or modified: | Jump to behavior | ||
| Source: | Registry value created or modified: | Jump to behavior | ||
| Source: | Code function: | 0_2_0052F98E | |
| Source: | Code function: | 0_2_005A1C41 | |
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
Malware Analysis System Evasion | |
|---|
| Source: | Sandbox detection routine: | graph_0-96165 | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | API coverage: | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Last function: | ||
| Source: | Thread sleep count: | Jump to behavior | ||
| Source: | Code function: | 0_2_0057DBBE | |
| Source: | Code function: | 0_2_0054C2A2 | |
| Source: | Code function: | 0_2_005868EE | |
| Source: | Code function: | 0_2_0058698F | |
| Source: | Code function: | 0_2_0057D076 | |
| Source: | Code function: | 0_2_0057D3A9 | |
| Source: | Code function: | 0_2_00589642 | |
| Source: | Code function: | 0_2_0058979D | |
| Source: | Code function: | 0_2_00589B2B | |
| Source: | Code function: | 0_2_00585C97 | |
| Source: | Code function: | 0_2_005142DE | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
Anti Debugging | |
|---|
| Source: | Debugger detection routine: | graph_0-95763 | ||
| Source: | Code function: | 0_2_0058EAA2 | |
| Source: | Code function: | 0_2_00542622 | |
| Source: | Code function: | 0_2_005142DE | |
| Source: | Code function: | 0_2_00534CE8 | |
| Source: | Code function: | 0_2_00570B62 | |
| Source: | Code function: | 0_2_00542622 | |
| Source: | Code function: | 0_2_0053083F | |
| Source: | Code function: | 0_2_005309D5 | |
| Source: | Code function: | 0_2_00530C21 | |
HIPS / PFW / Operating System Protection Evasion | |
|---|
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Code function: | 0_2_00571201 | |
| Source: | Code function: | 0_2_00552BA5 | |
| Source: | Code function: | 0_2_0052F98E | |
| Source: | Code function: | 0_2_005922DA | |
| Source: | Code function: | 0_2_00570B62 | |
| Source: | Code function: | 0_2_00571663 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 0_2_00530698 | |
| Source: | Code function: | 0_2_00588195 | |
| Source: | Code function: | 0_2_0056D27A | |
| Source: | Code function: | 0_2_0054B952 | |
| Source: | Code function: | 0_2_005142DE | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 0_2_00591204 | |
| Source: | Code function: | 0_2_00591806 | |
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | 1 Registry Run Keys / Startup Folder | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 14 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 12 Process Injection | 1 Masquerading | LSA Secrets | 221 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
| Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | 1 Registry Run Keys / Startup Folder | 2 Valid Accounts | Cached Domain Credentials | 22 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
| DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 22 Virtualization/Sandbox Evasion | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
| Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 21 Access Token Manipulation | Proc Filesystem | 11 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
| Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 12 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 22% | Virustotal | Browse | ||
| 100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| s-part-0014.t-0009.t-msedge.net | 13.107.246.42 | true | false | unknown | |
| chrome.cloudflare-dns.com | 172.64.41.3 | true | false | unknown | |
| bzib.nelreports.net | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false |
| unknown | |
| false |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 13.107.246.42 | s-part-0014.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
| 142.251.40.238 | unknown | United States | 15169 | GOOGLEUS | false | |
| 172.253.63.84 | unknown | United States | 15169 | GOOGLEUS | false | |
| 162.159.61.3 | unknown | United States | 13335 | CLOUDFLARENETUS | false | |
| 142.250.65.238 | unknown | United States | 15169 | GOOGLEUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 142.250.80.4 | unknown | United States | 15169 | GOOGLEUS | false | |
| 172.64.41.3 | chrome.cloudflare-dns.com | United States | 13335 | CLOUDFLARENETUS | false |
| IP |
|---|
| 192.168.2.6 |
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1502268 |
| Start date and time: | 2024-08-31 22:04:08 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 6m 0s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 23 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | file.exe |
| Detection: | MAL |
| Classification: | mal72.evad.winEXE@72/302@14/9 |
| EGA Information: |
|
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 13.107.42.16, 173.194.76.84, 204.79.197.239, 13.107.21.239, 13.107.6.158, 2.19.126.145, 2.19.126.152, 172.217.16.195, 142.250.186.35, 2.23.209.135, 2.23.209.187, 2.23.209.149, 2.23.209.189, 2.23.209.140, 2.23.209.133, 2.23.209.150, 2.23.209.130, 2.23.209.185, 20.199.58.43, 192.229.221.95, 93.184.221.240, 142.250.65.195, 142.251.35.163, 142.250.65.227, 142.250.80.67, 142.251.40.163, 23.44.133.38, 23.44.133.57
- Excluded domains from analysis (whitelisted): config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, a416.dscd.akamai.net, edgeassetservice.afd.azureedge.net, iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com, arc.msn.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, www.bing.com.edgekey.net, config-edge-skype.l-0007.l-msedge.net, msedge.b.tlu.dl.delivery.mp.microsoft.com, arc.trafficmanager.net, www.gstatic.com, l-0007.l-msedge.net, config.edge.skype.com, www.bing.com, edge-microsoft-com.dual-a-0036.a-msedge.net, client.wns.windows.com, fs.microsoft.com, accounts.google.com, bzib.nelreports.net.akamaized.net, fonts.gstatic.com, ctldl.windowsupdate.com, b-0005.b-msedge.net, www-www.bing.com.trafficmanager.net, edge.microsoft.com, business-bing-com.b-0005.b-msedge.net, fe3cr.delivery.mp.microsoft.com, l-0007.config.skype.com, edgeassetservice.azureedge.net, azureedge-t-prod.trafficmanager.net, business.bing.com, dual-a-0036.a-msedge.net
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtAllocateVirtualMemory calls found.
- Report size getting too big, too many NtOpenFile calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtWriteVirtualMemory calls found.
| Time | Type | Description |
|---|---|---|
| 22:05:13 | Autostart | |
| 22:05:21 | Autostart |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 13.107.246.42 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| 162.159.61.3 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| 239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| s-part-0014.t-0009.t-msedge.net | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| chrome.cloudflare-dns.com | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| CLOUDFLARENETUS | Get hash | malicious | LummaC | Browse |
| |
| Get hash | malicious | LummaC | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | LummaC, Amadey, LummaC Stealer, PureLog Stealer, RedLine, Stealc, Vidar | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| CLOUDFLARENETUS | Get hash | malicious | LummaC | Browse |
| |
| Get hash | malicious | LummaC | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | LummaC, Amadey, LummaC Stealer, PureLog Stealer, RedLine, Stealc, Vidar | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| MICROSOFT-CORP-MSN-AS-BLOCKUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 1138de370e523e824bbca92d049a3777 | Get hash | malicious | Telegram Phisher | Browse |
| |
| Get hash | malicious | Telegram Phisher | Browse |
| ||
| Get hash | malicious | Telegram Phisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| 28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| 3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | LummaC | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
⊘No context
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\03497265-2cb6-40d8-8cf5-efa866ab974a.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24274 |
| Entropy (8bit): | 6.056005745038982 |
| Encrypted: | false |
| SSDEEP: | 384:UtMGQ7LBjuYXGIgtDAW5u0TDJ2q03X8NlOYXCHuqdpVEz0ZoV1PdQYT3W4Ad4nm:kMGQ7FCYXGIgtDAWtJ4nHlH8z0ZoV11q |
| MD5: | CD8D9060807F3F1F636F6AEDA562DC35 |
| SHA1: | C6B0A8819C53EE6AD2DCDE10359D3C5997338690 |
| SHA-256: | AF9C09410511986CC170EF6C1D2AD6C77510913AC8EB8FDDD3A7C7CB73F84F17 |
| SHA-512: | DC070F3DF6A187A241015C215421046AFB9B68EB10BF481CB228A0438C5A86F5986D50D946DB141D7D7A5B69289F8F0F2903923410CB919ECB8BCB5EB2800413 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\09ce9a8f-749d-4880-88b8-2b2b3a7087c6.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2958 |
| Entropy (8bit): | 5.587720943184201 |
| Encrypted: | false |
| SSDEEP: | 48:YuBqDPEFMsFiHC0afPD7RpFbBkjUvpAkHB+udrxWvBIYSWR7+OJkXUcAhN4wlRkE:Xq8NkC1fPD7LeURDBrcvTB73JkEcAbdx |
| MD5: | A8692EBCFBB3329964BB0B9EB1DD5E29 |
| SHA1: | B8A2E8409C9DC5D740AA508A6485B2B80A8EE4B8 |
| SHA-256: | FEFA099CE0F641DD8A5CC6B7F219BE185A6F51A97434FB4AAE304E52BB5B3DCB |
| SHA-512: | 70FA1E60BEC1F7258533E5B2627BCA15A089809D4D857EC814535020AD39678F17F42F7C63498173B3470233CCEE05137DD4C4FDFD76DF50A4F8120F33F5627E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\15596517-d84e-4e1c-8d08-3016344b1277.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20955 |
| Entropy (8bit): | 6.065119058483415 |
| Encrypted: | false |
| SSDEEP: | 384:UtMGQ7LBjuYXGIgtDAW5u0TDJ2q03X8NBSOYXCdoE+V1PdQYT3W4Ad4nm:kMGQ7FCYXGIgtDAWtJ4nSldoE+V119Wd |
| MD5: | 13A01FF84DBDF0584CECD6A67F5AEECC |
| SHA1: | 3675BC76851DFF4AB4169287F8A75C9229347CD1 |
| SHA-256: | 5DFE898D7AF01777992FFD7B0EC47E7514A04B292AC7DF70F70EA39BE44B8626 |
| SHA-512: | 574D13799BC8E3110FE894F2E22A1E9141CFFB5BB9142B2B1AFBD1D478266ADBA3EC5A5032BA5160B0D813D1D5BDF75A03F4BC79BCD482C6FCCB90AAF8F9A559 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\429af133-5d07-4235-bfb0-a4790ecb5912.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20955 |
| Entropy (8bit): | 6.065086348657421 |
| Encrypted: | false |
| SSDEEP: | 384:UtMGQ7LBjuYXGIgtDAW5u0TDJ2q03X8NBSOiXCdoE+V1PdQYT3W4Ad4nm:kMGQ7FCYXGIgtDAWtJ4nSTdoE+V119Wd |
| MD5: | ACD2E12E93EBC4842831715C7327CF0B |
| SHA1: | 384CC93A51BCAF0DC8135058910859A6017BCE82 |
| SHA-256: | B50B4621A5BC6665191655D800291DEF960FDF723F55D7F65994735BD3B3B8EC |
| SHA-512: | BBE47356C68656F7B00E869206D199B768B6B151EA44F6ADFC7B362CF10148E963065E26A526B8AD549D76DE097246172D642D3386A75EAEE4F3ADB3544983DB |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\6aed8b19-eb55-47bd-8c62-e3b284954e79.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 70407 |
| Entropy (8bit): | 6.074206063638544 |
| Encrypted: | false |
| SSDEEP: | 1536:kMGQ5XMBGegZNTXRpAnSqTe/o+aQ3gmzBSj+Kvah+z0ZD11bm:kMrJM83TuSyecQ3R0LIN11q |
| MD5: | 7BA4000629243FC8B7230D6D9135B6AB |
| SHA1: | 61FC2F379874783E4D48FFD4F24051780FAD882F |
| SHA-256: | 1E39B479A414A0BF8E8A92DC9929B6133221DEB1BA9FCA5A638EF75BF5BF2886 |
| SHA-512: | DCBCE8BB7EAE6DD2A699174254D9847F774A73040485DE77FB5C77E7681E40D3B1ECFFBC8C2318278B1D16B0660D5D3D09EDC1EB615FA163B365E9AAA2F9F5EF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\71c16708-7c4e-45d2-a503-3807da81b561.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 70368 |
| Entropy (8bit): | 6.07412578697848 |
| Encrypted: | false |
| SSDEEP: | 1536:kMGQ5XMBGHgZNTXRpAnSqTe/o+aQ3gmzBSj+Kvah+z0ZD11bm:kMrJM8kTuSyecQ3R0LIN11q |
| MD5: | 14568DE6125B361377E112D71136C8C5 |
| SHA1: | 6A41D3918502D0111ECDDA41E91D5AC4B37301E5 |
| SHA-256: | 2C2E773C9685BC77F0FCD9C1912738E341CDEAC6BACB37E06736E9BF07D83162 |
| SHA-512: | 0A300934D8614C2D5CB7F73A6609CDA288111BFCACB142F8FBCD1126EB3889DCE500C318BAEB051D88E73C0F2F806D89E89BEBA43D95BBC004CF63F06E4A5874 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 107893 |
| Entropy (8bit): | 4.640149995732079 |
| Encrypted: | false |
| SSDEEP: | 1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P75:fwUQC5VwBIiElEd2K57P75 |
| MD5: | AD9FA3B6C5E14C97CFD9D9A6994CC84A |
| SHA1: | EF063B4A4988723E0794662EC9D9831DB6566E83 |
| SHA-256: | DCC7F776DBDE2DB809D3402FC302DB414CF67FE5D57297DDDADCE1EE42CFCE8F |
| SHA-512: | 81D9D59657CAF5805D2D190E8533AF48ACEBFFF63409F5A620C4E08F868710301A0C622D7292168048A9BC16C0250669FAAA2DCBF40419740A083C6ED5D79CFA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\dee2992e-9977-4b4e-b2d2-6d30f964ed6a.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 107893 |
| Entropy (8bit): | 4.640149995732079 |
| Encrypted: | false |
| SSDEEP: | 1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P75:fwUQC5VwBIiElEd2K57P75 |
| MD5: | AD9FA3B6C5E14C97CFD9D9A6994CC84A |
| SHA1: | EF063B4A4988723E0794662EC9D9831DB6566E83 |
| SHA-256: | DCC7F776DBDE2DB809D3402FC302DB414CF67FE5D57297DDDADCE1EE42CFCE8F |
| SHA-512: | 81D9D59657CAF5805D2D190E8533AF48ACEBFFF63409F5A620C4E08F868710301A0C622D7292168048A9BC16C0250669FAAA2DCBF40419740A083C6ED5D79CFA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4194304 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | B5CFA9D6C8FEBD618F91AC2843D50A1C |
| SHA1: | 2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3 |
| SHA-256: | BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8 |
| SHA-512: | BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4194304 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:: |
| MD5: | B5CFA9D6C8FEBD618F91AC2843D50A1C |
| SHA1: | 2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3 |
| SHA-256: | BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8 |
| SHA-512: | BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D37771-1468.pma
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4194304 |
| Entropy (8bit): | 0.45200845733426676 |
| Encrypted: | false |
| SSDEEP: | 3072:bPLRipba2wIKTMfkmsh0f23itw1fpzNVi5/nh4g1HFwM96jAE/NUzCqqvLxFMfA4:7Sby3qnh4aHj2Q/PxeaH+XI6KU |
| MD5: | 3BA322D093D17BD2455DA00AAF6425CD |
| SHA1: | 0F2A5908739AB28A99AA9A84DC79E753F2606852 |
| SHA-256: | 9F5C2C2FF4B5C8765EA73C49FFA89D8D9A368C9F2B08D413129C915EA781CBA0 |
| SHA-512: | 05C3C80F62F2094371CB24DD063C13D60370491F25DE4504F12046CE21D56363874525B7B6546ABF65691BEAB6C688549ABFF2A49B583B289666C0E99245E557 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D37771-D64.pma
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4194304 |
| Entropy (8bit): | 0.04017904256636481 |
| Encrypted: | false |
| SSDEEP: | 192:s6UjLYiVWK+ggCNlvJZzK1d9XSY1Pg+znhC3inNE7hcRQ8NI4Nn8y08Tcm2RGOdB:VUjjlrcc8hJ8Qu4N08T2RGOD |
| MD5: | 2DA839BC5DD4B18D4E83AA774F3AEB1A |
| SHA1: | B9053C46E56087DE427E56661C2AC584C0A68F5D |
| SHA-256: | 5F7CA33A6107CD168B142582EA8FBBC858764B8D929D56A4819859CF94C0B899 |
| SHA-512: | 37184070FE163C2D3C150AAE48BBB7DEF031ADC96D199648B6EC9906152FDA0456F51D8AE248A67EA7512ED052E2DFA2126C3A4C2BC112333AAA3008CB8F3E72 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 280 |
| Entropy (8bit): | 4.135510720473431 |
| Encrypted: | false |
| SSDEEP: | 3:FiWWltlVuB3ViHSRqOFhJXI2EyBl+BVP/Sh/JzvoRG+i8bMGsXl:o1VuBliyRqsx+BVsJDoNbvE |
| MD5: | 720C58685D6BA2C3CFB3EDD716644FBF |
| SHA1: | EB4EBD1A66AF3435795DE3ACE70E77C05DD8FE02 |
| SHA-256: | 172151FCB787E30057F5B424C9F16FB785781DB5205FB223C85DD403C9DC22E1 |
| SHA-512: | 5AC42843AD95BC47D48F63527BFA18C7160426E9222264AEB19342F665A496B758877DC933B7A0734DCFB770F1EE133F3E0378A4FB1B6B77FCDB9BB98BB32A71 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20 |
| Entropy (8bit): | 3.6219280948873624 |
| Encrypted: | false |
| SSDEEP: | 3:8g6Vvn:8g6Vv |
| MD5: | 9E4E94633B73F4A7680240A0FFD6CD2C |
| SHA1: | E68E02453CE22736169A56FDB59043D33668368F |
| SHA-256: | 41C91A9C93D76295746A149DCE7EBB3B9EE2CB551D84365FFF108E59A61CC304 |
| SHA-512: | 193011A756B2368956C71A9A3AE8BC9537D99F52218F124B2E64545EEB5227861D372639052B74D0DD956CB33CA72A9107E069F1EF332B9645044849D14AF337 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\2abdf889-49cf-4a5a-8b00-4c09dbe79a8f.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24800 |
| Entropy (8bit): | 5.566566027990381 |
| Encrypted: | false |
| SSDEEP: | 768:lV0mOhWi3W5wZ1f4WA8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPBZIwNp7rwXrpGtus:lGphB3WaZ1fxAu1jawr7Qst/ |
| MD5: | 85F537403C1B5E345C6A00EC3897CBC0 |
| SHA1: | AA923D450E99E5F1DDE6E8110C05A755ADC72B4A |
| SHA-256: | 9A633321571234281E5EC3912EC6A548B50B4610B8E85128E9A968FAE0AC85E1 |
| SHA-512: | F086152F2A3D25C3BD2D35366FC1AA56FDE48A7DE695CE2DCF1EF4E61B94F75587748F31AF7665F6105F911BF3272DF4436F5E0BE2C236BB660284E9C4BD9566 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\2d6d805d-f483-4ac7-a834-bab1b01cd13f.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:L:L |
| MD5: | 5058F1AF8388633F609CADB75A75DC9D |
| SHA1: | 3A52CE780950D4D969792A2559CD519D7EE8C727 |
| SHA-256: | CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8 |
| SHA-512: | 0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\403624e5-0169-46b9-8b2d-285da359ec36.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6534 |
| Entropy (8bit): | 4.987259414837691 |
| Encrypted: | false |
| SSDEEP: | 96:styqfvis13b9U6DOq8znOs85eh6Cb7/x+6MhmuecmAeiYJQY2MB/EJ:stynsrqqkOs88bV+FiAqBPBMJ |
| MD5: | 8C5E5ADC7E17CC542B2CD0028799D985 |
| SHA1: | 91C5791D1D59FCC9F13A9B54CE735E0DD05F57BF |
| SHA-256: | BB1FF8241531B574A0AF11C148B166433E4FAD7D344162D93E301D1CC80FC6E4 |
| SHA-512: | 5E0CF1B4A2514D8D0F5037114CC4275EA3BEB852CF76A6431BA7B8344F168856F5238445C2AE8E5BB755F91E213E20710B96388EE0A3D532EA75CABF3C3AB262 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\413ddbed-6b1a-44df-8605-a5a57788fcfe.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24799 |
| Entropy (8bit): | 5.5667759242487085 |
| Encrypted: | false |
| SSDEEP: | 768:lV0mOhWi3W5wZ1f49A8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPBZIwNp7rwX/pGtuu:lGphB3WaZ1fAAu1jawr7Qgtd |
| MD5: | 9AEC9D8814A886C6F00FB83FEABE8469 |
| SHA1: | C3FC6D9133BCE4F7CBE4FAADEEE249791CDF4751 |
| SHA-256: | BD75C6C8F40A73D34732790281C2E87DBF0B7BAE9C84867D084FE839CF062C4C |
| SHA-512: | A9195EFFC5BB0ED0C28EB596D07D54D3D264526703FCABB662A287B171743C508E184ACFA0B615F7D2A8B7B9A661B6C921B7B7D7668CC5BF24E1377C9665FF5F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\6ec4667b-52fa-4663-98d5-792365cfdba9.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6432 |
| Entropy (8bit): | 4.98497951357099 |
| Encrypted: | false |
| SSDEEP: | 96:styqfvis13b9U6DOq8znOs85eh6Cb7/x+6MhmuecmAeiDYQY2MB/EJ:stynsrqqkOs88bV+FiAdOPBMJ |
| MD5: | 2A18204BDD7BA6902DDF1BE7A5890ECA |
| SHA1: | B0F377CF7A34FFB4CC5F90FB4EAF295785CF4DF5 |
| SHA-256: | 039B3D895853922B4C88D9DFDF48EFC8C5E25E16C0F1E8A4F63CC1F3DC7EA208 |
| SHA-512: | 0009C35A5DB6B297097496D25CFC3073D274A0386325C4F0BC569A85B4C71B98D3D54B4BAEE1E988CE6837CF9AD6294CF9739990B25EC70C2D2B069297AB454D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 12600 |
| Entropy (8bit): | 5.32128122252583 |
| Encrypted: | false |
| SSDEEP: | 192:1AOEH/WCxkD7MDPSYAxmemxb7mngJdv9TXJ4MQmLu5/4eeNdl:uOEOKSXs/J7mGnQmLu5/5eNdl |
| MD5: | CF194F84507D5F0F9A661D7DD51DF8EA |
| SHA1: | 9224E0D7B4312504EAE0485B626F12537020B397 |
| SHA-256: | 5E9690873B1481FABA8DFC3509C4FE65C667B49EF442DE0430A9694DE3D4CE74 |
| SHA-512: | 50A3617FA9DDC39AE5524418AB9D25D9FAEAB043B560FF050F21DD3A7CBF55D03386AF4885126C98FC84BF38F4B8A0D0846B58C43E0F11F409E50FFB5D538C0A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 311 |
| Entropy (8bit): | 5.098394208489767 |
| Encrypted: | false |
| SSDEEP: | 6:jMdBdD1N723oH+TcwtOEh1ZB2KLlFnMM+q2PN723oH+TcwtOEh1tIFUv:QdvDaYebOEh1ZFLLN+vVaYebOEh16FUv |
| MD5: | E3825D1E02BE37ED93207EACFF1D3549 |
| SHA1: | F56F965EB26337877936673D980D88FB68BCA989 |
| SHA-256: | 0DFBC8F28E69B823936F61D89841AE9B67D4346B208EB1C96761C457AB02183A |
| SHA-512: | 425A5A86CF21449D9BD4016DB4FB783BC6DE6DDE1F558E47DF6CBF12B40BA67EAE8890EA437529797D18E702C57F538AFEB5897052453C07B60D98C4C9181468 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 12288 |
| Entropy (8bit): | 0.3202460253800455 |
| Encrypted: | false |
| SSDEEP: | 6:l9bNFlEuWk8TRH9MRumWEyE4gLueXdNOmWxFxCxmWxYgCxmW5y/mWz4ynLAtD/W4:TLiuWkMORuHEyESeXdwDQ3SOAtD/ie |
| MD5: | 40B18EC43DB334E7B3F6295C7626F28D |
| SHA1: | 0E46584B0E0A9703C6B2EC1D246F41E63AF2296F |
| SHA-256: | 85E961767239E90A361FB6AA0A3FD9DAA57CAAF9E30599BB70124F1954B751C8 |
| SHA-512: | 8BDACDC4A9559E4273AD01407D5D411035EECD927385A51172F401558444AD29B5AD2DC5562D1101244665EBE86BBDDE072E75ECA050B051482005EB6A52CDBD |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 45056 |
| Entropy (8bit): | 0.04407155678177972 |
| Encrypted: | false |
| SSDEEP: | 6:/Fii2rOkM/lsGYHCMtXBts2K9/+kll8BKlI2KlC/le:dYEsGkCEX3pYL/jl1KlWe |
| MD5: | D07E72DD00EE9B72031F6F76784C87E7 |
| SHA1: | ED73C1EA01CA8193BCC0B7995FB84271FB5A017B |
| SHA-256: | 8624B1A20E6FBFEA2A8C369510B88A91B15DF7E39E7CD764D52FD89A4C992C13 |
| SHA-512: | 8E371F0B24EE5098BFD7BD4C59263B5768B51C21259A6D093CA81C0360C2EBB7A0BAEE5E46DB76EEF5708C0F8459BA4DDA93FD94AEB5D7B020E3E5ACB54275C1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 0.09559119540996693 |
| Encrypted: | false |
| SSDEEP: | 48:MV4A3es/CV4XesrAMo6NUeGQE8J3lWp4:MV4A33KV4X3rAl6NLGB8J3L |
| MD5: | 3CF68B2F08E9CCFC4C4D40BB9F84FC9D |
| SHA1: | C3C8C0CE07ED3CF4208CA5197559FC6E4C6416F8 |
| SHA-256: | AA781FCF29FAAD394019E4FB8FACC5332E24AC26FE19FAFAB14F9E3E7631E1C1 |
| SHA-512: | 89ADB7B53F3F8A8D4F86F87DB840D609552A45E5D02754AB7CBCC1FF5ACC134C6A9690A737A3626A007B5F4A9238AD6F2AE20DC7E738250F73B50913C39DB0E7 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1056768 |
| Entropy (8bit): | 0.283108161697845 |
| Encrypted: | false |
| SSDEEP: | 384:p9qR/Jtn09qR/Jtne6q/JtXbq/JtXhmq1VJtP:pgJt0gJtqJtmJtfJt |
| MD5: | A19E7675A2200A622A78D0DCC005B512 |
| SHA1: | 7DFE64065DA47E0390A4B23FD7063DC13484A3BB |
| SHA-256: | E0CCB31CAA89FA73A402CD328244C63450427A6B2EA8C0688698003F57BD868B |
| SHA-512: | 028F86CDB166CDCDC5024C37002BBC50D0F104CED62564A9BB4D6E19F5B134AD7E92B6050EF0D80239257922FB00EFF727C305702732EB953F0D23CC700FEF8A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4202496 |
| Entropy (8bit): | 0.04312480187296375 |
| Encrypted: | false |
| SSDEEP: | 192:rH/WCxkD7MDPSYAxmemxb7mngJdv9TXJ4MQmLu5/4eeNd:rOKSXs/J7mGnQmLu5/5eNd |
| MD5: | 4D3862637A3E49DEA6B0E914424F7F3E |
| SHA1: | 2ADD705EDC5981DFA1DDA043EF8917DD416CA4B3 |
| SHA-256: | 081133A6F01292BF3CDF0BFBAE44EEE97EC2920D820294EA0447EE2D71249D58 |
| SHA-512: | FA1B6C0C9D28F5686D65A17D43EC6473524C7D576CADA3BA68A94B85375C703E750F624CA82ED3A431DBF5A41203A974E041BFCC6681E04CFBE708B34A4AA861 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001 
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 70207 |
| Entropy (8bit): | 7.995911906073242 |
| Encrypted: | true |
| SSDEEP: | 1536:VzseWV/dT2G9zm5w0vgxQUFm6SM6ZYRuB61K+aK+POIwPru:VoNQGIwvs6S9+I6RWPOIwTu |
| MD5: | 9F5A7E038BF08B13BD15338EC7BD4E16 |
| SHA1: | AB69D28EEA9AE289BB86159C341910538CDDE5B9 |
| SHA-256: | BA0BCBBF170ADB0B5119D19D56C2D004579507DFC4A9215BCCC8663C8A486AF8 |
| SHA-512: | 48557ECD56DFD2157304FE752E15E44314667EFC79E6C21312723251E4E1F1BF5BE0A76F88F4B4D83FADB9D81BFB1835B1C0E5CFA7B07214A605F58064BB94B1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 524656 |
| Entropy (8bit): | 4.989325630401085E-4 |
| Encrypted: | false |
| SSDEEP: | 3:Lsul0m:LsNm |
| MD5: | 176A673D205C8D21E160AB24E51FB0D9 |
| SHA1: | EE171D8C9B847B55193A093F10C3B5E28331BDC2 |
| SHA-256: | BB60D536561FE6C6D5F975D7D91F093147C8EE63499FD0433FC487D146C0A085 |
| SHA-512: | 676675D5987559AB09C60F9E2A35A2C89812C7104B831A2C4F08DE3F4C828BE7254712CBC9F73D05D061F46265756664759A4A31E75632015D43991FDFF87449 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24 |
| Entropy (8bit): | 2.1431558784658327 |
| Encrypted: | false |
| SSDEEP: | 3:m+l:m |
| MD5: | 54CB446F628B2EA4A5BCE5769910512E |
| SHA1: | C27CA848427FE87F5CF4D0E0E3CD57151B0D820D |
| SHA-256: | FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D |
| SHA-512: | 8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.9555576533947305 |
| Encrypted: | false |
| SSDEEP: | 3:JLuXTEDRK+:GgD4+ |
| MD5: | 6CBD7CD555A560FF991F1EA35EEE8A8F |
| SHA1: | 06E37C658D1F70D885429B11C57A28BC96047FDE |
| SHA-256: | 2FCB42C6E5EB9E84F21CE44D8B2A6904112A4A52BE29664537678C09DC76AFFA |
| SHA-512: | FE167A156C8C69721D05020BB5183B8D45C05DE97B265F2C7DB1773A1DAF40B762B048F2F16D7BBFD3D66B1D256FE673CE26A081C39486C11ECAE48616A76D35 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.9555576533947305 |
| Encrypted: | false |
| SSDEEP: | 3:JLuXTEDRK+:GgD4+ |
| MD5: | 6CBD7CD555A560FF991F1EA35EEE8A8F |
| SHA1: | 06E37C658D1F70D885429B11C57A28BC96047FDE |
| SHA-256: | 2FCB42C6E5EB9E84F21CE44D8B2A6904112A4A52BE29664537678C09DC76AFFA |
| SHA-512: | FE167A156C8C69721D05020BB5183B8D45C05DE97B265F2C7DB1773A1DAF40B762B048F2F16D7BBFD3D66B1D256FE673CE26A081C39486C11ECAE48616A76D35 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24 |
| Entropy (8bit): | 2.1431558784658327 |
| Encrypted: | false |
| SSDEEP: | 3:m+l:m |
| MD5: | 54CB446F628B2EA4A5BCE5769910512E |
| SHA1: | C27CA848427FE87F5CF4D0E0E3CD57151B0D820D |
| SHA-256: | FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D |
| SHA-512: | 8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.9555576533947305 |
| Encrypted: | false |
| SSDEEP: | 3:JLuXTEDRK+:GgD4+ |
| MD5: | 6CBD7CD555A560FF991F1EA35EEE8A8F |
| SHA1: | 06E37C658D1F70D885429B11C57A28BC96047FDE |
| SHA-256: | 2FCB42C6E5EB9E84F21CE44D8B2A6904112A4A52BE29664537678C09DC76AFFA |
| SHA-512: | FE167A156C8C69721D05020BB5183B8D45C05DE97B265F2C7DB1773A1DAF40B762B048F2F16D7BBFD3D66B1D256FE673CE26A081C39486C11ECAE48616A76D35 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.9555576533947305 |
| Encrypted: | false |
| SSDEEP: | 3:JLuXTEDRK+:GgD4+ |
| MD5: | 6CBD7CD555A560FF991F1EA35EEE8A8F |
| SHA1: | 06E37C658D1F70D885429B11C57A28BC96047FDE |
| SHA-256: | 2FCB42C6E5EB9E84F21CE44D8B2A6904112A4A52BE29664537678C09DC76AFFA |
| SHA-512: | FE167A156C8C69721D05020BB5183B8D45C05DE97B265F2C7DB1773A1DAF40B762B048F2F16D7BBFD3D66B1D256FE673CE26A081C39486C11ECAE48616A76D35 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 0.0012471779557650352 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2zE:/M/xT02z |
| MD5: | F50F89A0A91564D0B8A211F8921AA7DE |
| SHA1: | 112403A17DD69D5B9018B8CEDE023CB3B54EAB7D |
| SHA-256: | B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC |
| SHA-512: | BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNlJk:Ls3Jk |
| MD5: | EDA69390ACB568A83127EB9C6FC5B560 |
| SHA1: | ED44AEB387A4E29D83EBBCD3898883BDF7D3C4A5 |
| SHA-256: | 2C1AAF3C9F0E8B8B6F646A765F643546087FC547CBCB730F2FCD740814B0A8A5 |
| SHA-512: | 01B48F9A7A1557D2EDDC0F1D55CB0B5B99130B640BDBA5FEA19FA1BAC4648A857D7B207190F8CD94BC9741D3CAEEF09427C207897DBE5C7DCC9163FE69DFBB31 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 33 |
| Entropy (8bit): | 3.5394429593752084 |
| Encrypted: | false |
| SSDEEP: | 3:iWstvhYNrkUn:iptAd |
| MD5: | F27314DD366903BBC6141EAE524B0FDE |
| SHA1: | 4714D4A11C53CF4258C3A0246B98E5F5A01FBC12 |
| SHA-256: | 68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898 |
| SHA-512: | 07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 32768 |
| Entropy (8bit): | 0.494709561094235 |
| Encrypted: | false |
| SSDEEP: | 24:TLEC30OIcqIn2o0FUFlA2cs0US5S693Xlej2:ThLaJUnAg0UB6I |
| MD5: | CF7760533536E2AF66EA68BC3561B74D |
| SHA1: | E991DE2EA8F42AE7E0A96A3B3B8AF87A689C8CCD |
| SHA-256: | E1F183FAE5652BA52F5363A7E28BF62B53E7781314C9AB76B5708AF9918BE066 |
| SHA-512: | 38B15FE7503F6DFF9D39BC74AA0150A7FF038029F973BE9A37456CDE6807BCBDEAB06E624331C8DFDABE95A5973B0EE26A391DB2587E614A37ADD50046470162 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.5094712832659277 |
| Encrypted: | false |
| SSDEEP: | 12:TLW4QpRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7me5q4iZ7dV:TLqpR+DDNzWjJ0npnyXKUO8+j25XmL |
| MD5: | D4971855DD087E30FC14DF1535B556B9 |
| SHA1: | 9E00DEFC7E54C75163273184837B9D0263AA528C |
| SHA-256: | EC7414FF1DB052E8E0E359801F863969866F19228F3D5C64F632D991C923F0D2 |
| SHA-512: | ACA411D7819B03EF9C9ACA292D91B1258238DF229B4E165A032DB645E66BFE1148FF3DCFDAC3126FCD34DBD0892F420148E280D9716C63AD9FCDD9E7CA58D71D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 375520 |
| Entropy (8bit): | 5.354095203838731 |
| Encrypted: | false |
| SSDEEP: | 6144:EA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:EFdMyq49tEndBuHltBfdK5WNbsVEziPU |
| MD5: | B0402B31690A741B13FEA928CD107D86 |
| SHA1: | 5D9E5347F03AEFFB155C062C7F6316CC4C029D7C |
| SHA-256: | 1B4DC829066A35F8E9F6EC1C3DC45C58449D67E76A8DD59175E41D5310220A59 |
| SHA-512: | 341E454C8FC8D180E87CECD0EF54D0BED08E45A98B7BF8FA2B98EF1D3D0C0AA75A4EDF9AFAC58D3921E03C45512DE2DB4A6F2AC42193B15950E6CEA5BABB88F1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 327 |
| Entropy (8bit): | 5.173460900521196 |
| Encrypted: | false |
| SSDEEP: | 6:jnhq1N723oH+Tcwtj2WwnvB2KLlFOu+q2PN723oH+Tcwtj2WwnvIFUv:LMaYebjxwnvFLwvVaYebjxwnQFUv |
| MD5: | 18301AF3D661AF866FD32E2AC0929116 |
| SHA1: | E1825342F8F7E9E3DB2F607894BAE6392771B399 |
| SHA-256: | A015EF370DD74AC32C99D4567A777E3A463C45B8DDAD0FCC9AEAF8524EA33A35 |
| SHA-512: | 3AC1BF80B80AEAFE116ADC836792FAE4FB0D8B3815123293C1F97B52AF287F078A1848B8C8E37D8B60841CAFDDD84779495C2F849887DD5DAD19C282D8262110 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 358860 |
| Entropy (8bit): | 5.324611957786582 |
| Encrypted: | false |
| SSDEEP: | 6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RL:C1gAg1zfvj |
| MD5: | 1D97FAB4031917FD29F624F13A3E712C |
| SHA1: | 24F0F509450E0E4DF25132CDC56087EAF36CACCD |
| SHA-256: | D3991A4F55AB42E68377180855787E0E51EFE784B46761028415A03289401EA3 |
| SHA-512: | 58F0CF0F9DECCB627DD9F04C8D690174BC107D4DE0059D4E03A17C973B731CE7F7E2DA234F1C8F06E51A07B07B66F85E9A29786B47AF383A1433756CAE71FBB7 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 171 |
| Entropy (8bit): | 1.8784775129881184 |
| Encrypted: | false |
| SSDEEP: | 3:FQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlX:qTCTCTCTCTCTCTCTCT |
| MD5: | E952942B492DB39A75DD2669B98EBE74 |
| SHA1: | F6C4DEF325DCA0DFEC01759D7D8610837A370176 |
| SHA-256: | 14F92B911F9FE774720461EEC5BB4761AE6BFC9445C67E30BF624A8694B4B1DA |
| SHA-512: | 9193E7BBE7EB633367B39513B48EFED11FD457DCED070A8708F8572D0AB248CBFF37254599A6BFB469637E0DCCBCD986347C6B6075C06FAE2AF08387B560DEA0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 299 |
| Entropy (8bit): | 5.171250832701795 |
| Encrypted: | false |
| SSDEEP: | 6:jnEe+B1N723oH+TcwttaVdg2KLlFI7MM+q2PN723oH+TcwttaPrqIFUv:bb+BaYebDLfM+vVaYeb83FUv |
| MD5: | 33CE83AC82CCC9518E9869E9C2AB4A4C |
| SHA1: | 2B188B97EDB46BEF1FDBB9016DF4D035B07EDB86 |
| SHA-256: | 0F9A61688AC8945052E8D5F2052375AD79BC4681F6649613C09375B992113AF1 |
| SHA-512: | C4C0F2A00C06FCA1E23BB70B7444DBBF6E52F95D8CA25B78F121BFAF2FB17C1A08225FFA7935670E7D7C9C161EE4280D73354F30369C3B4273F27C10A765323B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 171 |
| Entropy (8bit): | 1.8784775129881184 |
| Encrypted: | false |
| SSDEEP: | 3:FQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlX:qTCTCTCTCTCTCTCTCT |
| MD5: | E952942B492DB39A75DD2669B98EBE74 |
| SHA1: | F6C4DEF325DCA0DFEC01759D7D8610837A370176 |
| SHA-256: | 14F92B911F9FE774720461EEC5BB4761AE6BFC9445C67E30BF624A8694B4B1DA |
| SHA-512: | 9193E7BBE7EB633367B39513B48EFED11FD457DCED070A8708F8572D0AB248CBFF37254599A6BFB469637E0DCCBCD986347C6B6075C06FAE2AF08387B560DEA0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 303 |
| Entropy (8bit): | 5.180751117782433 |
| Encrypted: | false |
| SSDEEP: | 6:jIM+B1N723oH+Tcwtt6FB2KLlFg1MM+q2PN723oH+Tcwtt65IFUv:J+BaYeb8FFLRM+vVaYeb8WFUv |
| MD5: | AA998CBE50CDD4C88DFE884E5EF06EE6 |
| SHA1: | B43D2820EF0B56FF01F7F0A43E91CBE1F6953A09 |
| SHA-256: | 0DDB125BC30B9FA23815463AFEB2114A96409062D4483F8628280DABC15EC91E |
| SHA-512: | 083C495CCCC88ABFE44C15C3ED37E9CC6DB0CAC0F1B39BC37A43AA844D35FE036033B772605F6D8568ED19903627F91E3C4C72CBF4237F40F9458396F1D94BD5 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 513 |
| Entropy (8bit): | 1.8784775129881184 |
| Encrypted: | false |
| SSDEEP: | 6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWW |
| MD5: | C92EABB217D45C77F8D52725AD3758F0 |
| SHA1: | 43B422AC002BB445E2E9B2C27D74C27CD70C9975 |
| SHA-256: | 388C5C95F0F54F32B499C03A37AABFA5E0A31030EC70D0956A239942544B0EEA |
| SHA-512: | DFD5D1C614F0EBFF97F354DFC23266655C336B9B7112781D7579057814B4503D4B63AB1263258BDA3358E5EE9457429C1A2451B22261A1F1E2D8657F31240D3C |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 297 |
| Entropy (8bit): | 5.190867594514828 |
| Encrypted: | false |
| SSDEEP: | 6:j8Hn4M1N723oH+TcwttYg2KLlFDSVq2PN723oH+TcwttNIFUv:gYsaYebJL3OvVaYeb0FUv |
| MD5: | A883BF989E1A163B55E14D73B514534B |
| SHA1: | C220BB8D90DACCD17F872F8218D3FF954F61F1C7 |
| SHA-256: | 931C999A515090D4F798D02F62894D93B44896A6B97BC2935201683476682391 |
| SHA-512: | 9CC114266E9205065C2B725E8B1A04E7F57CCB4CED13322939A80B6DE083A332CFF782FA11E7397C27076536686D8C47B3ABB90B2F032F854501CD54087648B3 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4096 |
| Entropy (8bit): | 0.3169096321222068 |
| Encrypted: | false |
| SSDEEP: | 3:lSWbNFl/sl+ltl4ltllOl83/XWEEabIDWzdWuAzTgdWj3FtFIU:l9bNFlEs1ok8fDEPDadUTgd81Z |
| MD5: | 2554AD7847B0D04963FDAE908DB81074 |
| SHA1: | F84ABD8D05D7B0DFB693485614ECF5204989B74A |
| SHA-256: | F6EF01E679B9096A7D8A0BD8151422543B51E65142119A9F3271F25F966E6C42 |
| SHA-512: | 13009172518387D77A67BBF86719527077BE9534D90CB06E7F34E1CCE7C40B49A185D892EE859A8BAFB69D5EBB6D667831A0FAFBA28AC1F44570C8B68F8C90A4 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 32768 |
| Entropy (8bit): | 0.40981274649195937 |
| Encrypted: | false |
| SSDEEP: | 24:TL1WK3iOvwxwwweePKmJIOAdQBVA/kjo/TJZwJ9OV3WOT/5eQQ:Tmm+/9ZW943WOT/ |
| MD5: | 1A7F642FD4F71A656BE75B26B2D9ED79 |
| SHA1: | 51BBF587FB0CCC2D726DDB95C96757CC2854CFAD |
| SHA-256: | B96B6DDC10C29496069E16089DB0AB6911D7C13B82791868D583897C6D317977 |
| SHA-512: | FD14EADCF5F7AB271BE6D8EF682977D1A0B5199A142E4AB353614F2F96AE9B49A6F35A19CC237489F297141994A4A16B580F88FAC44486FCB22C05B2F1C3F7D1 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.6975083372685086 |
| Encrypted: | false |
| SSDEEP: | 24:LLiZxh0GY/l1rWR1PmCx9fZjsBX+T6UwcE85fBmI:EBmw6fU1zBmI |
| MD5: | F5BBD8449A9C3AB28AC2DE45E9059B01 |
| SHA1: | C569D730853C33234AF2402E69C19E0C057EC165 |
| SHA-256: | 825FF36C4431084C76F3D22CE0C75FA321EA680D1F8548706B43E60FCF5B566E |
| SHA-512: | 96ACDED5A51236630A64FAE91B8FA9FAB43E22E0C1BCB80C2DD8D4829E03FBFA75AA6438053599A42EC4BBCF805BF0B1E6DFF9069B2BA182AD0BB30F2542FD3F |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 0.0012471779557650352 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2zE:/M/xT02z |
| MD5: | F50F89A0A91564D0B8A211F8921AA7DE |
| SHA1: | 112403A17DD69D5B9018B8CEDE023CB3B54EAB7D |
| SHA-256: | B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC |
| SHA-512: | BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNlFp:Ls3F |
| MD5: | F9A68594C046189C5F5F3AB4F344223E |
| SHA1: | 697EECB55F87594C32CE1C8386B3DAD63A833A49 |
| SHA-256: | C16BB450805DD17ED4F217867E6F9EEA5A6E6A2A4818425142E99ED02C963685 |
| SHA-512: | 9BC902C2D3B3EAD771F9D8813222649722FAF02E2E3BF378DDD71BE7D3DE628788820A9C0A4A5656C122BDB0699B97462CFF3BB5B34EF53C67A0A3B55C1FB231 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 155648 |
| Entropy (8bit): | 0.5407252242845243 |
| Encrypted: | false |
| SSDEEP: | 96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb |
| MD5: | 7B955D976803304F2C0505431A0CF1CF |
| SHA1: | E29070081B18DA0EF9D98D4389091962E3D37216 |
| SHA-256: | 987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC |
| SHA-512: | CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8720 |
| Entropy (8bit): | 0.21861961848037045 |
| Encrypted: | false |
| SSDEEP: | 3:wt/7ntFlljq7A/mhWJFuQ3yy7IOWUKl4/dweytllrE9SFcTp4AGbNCV9RUIF:+/I75fOg4/d0Xi99pEYX |
| MD5: | 8EEBEEFED1800E4B39E71E837607576B |
| SHA1: | 0CF9F8F17585CC1572D9B10D36CCC280807F3066 |
| SHA-256: | 7289042072A0555BE59150A1AD2EB94FF38821F6654B915EB4F6DDD919D5F8B8 |
| SHA-512: | 4CC1B50BCC413D6E4DC7D246D332DD79081FB676E9FC3F719364CC15805A4E3F1A944F6C52E4BEB79AD1ADC88F4DDD02A7022568E9091E41F5D405C506066958 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 28672 |
| Entropy (8bit): | 0.33890226319329847 |
| Encrypted: | false |
| SSDEEP: | 12:TLMfly7aoxrRGcAkSQdC6ae1//fxEjkE/RFL2iFV1eHFxOUwa5qgufTsZ75fOSI:TLYcjr0+Pdajk+FZH1W6UwccI5fBI |
| MD5: | 971F4C153D386AC7ED39363C31E854FC |
| SHA1: | 339841CA0088C9EABDE4AACC8567D2289CCB9544 |
| SHA-256: | B6468DA6EC0EAE580B251692CFE24620D39412954421BBFDECB13EF21BE7BC88 |
| SHA-512: | 1A4DD0C2BE163AAB3B81D63DEB4A7DB6421612A6CF1A5685951F86B7D5A40B67FC6585B7E52AA0CC20FF47349F15DFF0C9038086E3A7C78AE0FFBEE6D8AA7F7E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 381 |
| Entropy (8bit): | 5.222023114470029 |
| Encrypted: | false |
| SSDEEP: | 6:jxFB1N723oH+TcwtRage8Y55HEZzXELIx2KLlFbt+q2PN723oH+TcwtRage8Y55U:FDaYebRrcHEZrEkVLQvVaYebRrcHEZr1 |
| MD5: | 4FB73D9909148654CBCADCF897971F66 |
| SHA1: | 845EBEFBC21AAF87788F7B4E9361689ACD96A7E3 |
| SHA-256: | 0D105DD1A913155A9BFBFA190F1523F0E28241419A2E3938BC0F251AE3A2F9C2 |
| SHA-512: | 546834DD0CF26074932BD452F29E7121F3DA35DB1B84BDFBD8A0C8EB21A294A25F674F1D05BD3769EEC583701A08D3DBC1257200BFB8D7B7A2839E66AB4C5630 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 311 |
| Entropy (8bit): | 5.203043042775841 |
| Encrypted: | false |
| SSDEEP: | 6:jPT3c81N723oH+TcwtRa2jM8B2KLlFaoL+q2PN723oH+TcwtRa2jMGIFUv:fc8aYebRjFLOoL+vVaYebREFUv |
| MD5: | DF1F00428A9365CAAA9BE23B784B27DC |
| SHA1: | 2C87612D74B7EE27F86C7F267C4F69DFAE1FD6D1 |
| SHA-256: | F180153E33AE2545D5CA50E8CC4D48F1025013ED0A0B0C46CF17C58D923772C9 |
| SHA-512: | 77B0B3DA2CCB29353745D87CC6681E673B4DDF847F4A84D5B64943378E7D72EC95780B162949C29494316B19F9C907FBB4946FF6E013F00476E44C18FB86489F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 51200 |
| Entropy (8bit): | 0.8745933985004888 |
| Encrypted: | false |
| SSDEEP: | 96:y8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:y8yLG7IwRWf4 |
| MD5: | 7A9BF0D6AB6967E057DB6BA4EE45243B |
| SHA1: | 0C8775DE3A37242BA7CF2FAE40613E935970928F |
| SHA-256: | E3C8C78A681C3CB37BE10D4B3D9E97E05D438DCF71FBF9CE4F388A3F3218BE8F |
| SHA-512: | 42BCF1D8588E89E9DE413A4AE5C973D5F149F09273CB293EDF53AB2EF94D493310F19F10CA06EBDF6893CB46AA234A5BAA1C4CD1D531F26C1B406B7AE459EEDA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 45056 |
| Entropy (8bit): | 0.40293591932113104 |
| Encrypted: | false |
| SSDEEP: | 24:TLVgTjDk5Yk8k+/kCkzD3zzbLGfIzLihje90xq/WMFFfeFzfXVVlYWOT/CUFSe:Tmo9n+8dv/qALihje9kqL42WOT/9F |
| MD5: | ADC0CFB8A1A20DE2C4AB738B413CBEA4 |
| SHA1: | 238EF489E5FDC6EBB36F09D415FB353350E7097B |
| SHA-256: | 7C071E36A64FB1881258712C9880F155D9CBAC693BADCC391A1CB110C257CC37 |
| SHA-512: | 38C8B7293B8F7BEF03299BAFB981EEEE309945B1BDE26ACDAD6FDD63247C21CA04D493A1DDAFC3B9A1904EFED998E9C7C0C8E98506FD4AC0AB252DFF34566B66 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\1f14767a-1599-40e0-8e23-6b013b46fcda.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 170 |
| Entropy (8bit): | 4.89042451592505 |
| Encrypted: | false |
| SSDEEP: | 3:YLb9N+eAXRfHDHERW6JfYoR6oJbTHJHcBYMKWKWMS7PMVKJq0nMb1KKtiVY:YHpo03h6ub74MS7PMVKJTnMRK3VY |
| MD5: | 4117E5247EF55EA8839672284FF0AB95 |
| SHA1: | 90F5CE007ABA44EB8E4C32B4A738055DEDA39474 |
| SHA-256: | C1C38C8620401B15F569897943EB1B7989BD9C159320721AF21120E510BFA46E |
| SHA-512: | CD95D7385B1B0921B3E4797D541C7ECC43957E3B6C7D04156B6B6B939B35806C6C539264340127266CAC1B363F34A432DA9B94ADAEA1B47BEBDA9CB1BB2328D2 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\22db580e-a664-4e3a-8fa5-05a0eb66f1ea.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\4118e5df-4d30-45a7-a80e-b0433f03a0c1.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 40 |
| Entropy (8bit): | 4.1275671571169275 |
| Encrypted: | false |
| SSDEEP: | 3:Y2ktGMxkAXWMSN:Y2xFMSN |
| MD5: | 20D4B8FA017A12A108C87F540836E250 |
| SHA1: | 1AC617FAC131262B6D3CE1F52F5907E31D5F6F00 |
| SHA-256: | 6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D |
| SHA-512: | 507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\8db1f03e-8f82-445a-98c0-295a22f86586.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59 |
| Entropy (8bit): | 4.619434150836742 |
| Encrypted: | false |
| SSDEEP: | 3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY |
| MD5: | 2800881C775077E1C4B6E06BF4676DE4 |
| SHA1: | 2873631068C8B3B9495638C865915BE822442C8B |
| SHA-256: | 226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974 |
| SHA-512: | E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\91c17e03-fef0-4bbf-8695-81ed438e0b33.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.6732424250451717 |
| Encrypted: | false |
| SSDEEP: | 24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B |
| MD5: | CFFF4E2B77FC5A18AB6323AF9BF95339 |
| SHA1: | 3AA2C2115A8EB4516049600E8832E9BFFE0C2412 |
| SHA-256: | EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE |
| SHA-512: | 0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59 |
| Entropy (8bit): | 4.619434150836742 |
| Encrypted: | false |
| SSDEEP: | 3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY |
| MD5: | 2800881C775077E1C4B6E06BF4676DE4 |
| SHA1: | 2873631068C8B3B9495638C865915BE822442C8B |
| SHA-256: | 226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974 |
| SHA-512: | E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State~RF47e15.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59 |
| Entropy (8bit): | 4.619434150836742 |
| Encrypted: | false |
| SSDEEP: | 3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY |
| MD5: | 2800881C775077E1C4B6E06BF4676DE4 |
| SHA1: | 2873631068C8B3B9495638C865915BE822442C8B |
| SHA-256: | 226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974 |
| SHA-512: | E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 36864 |
| Entropy (8bit): | 0.7608474613099627 |
| Encrypted: | false |
| SSDEEP: | 48:TaIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBkhY:uIEumQv8m1ccnvS6a6j |
| MD5: | 0D5E1263B6A7F36CFF5EF3A39C2820E6 |
| SHA1: | 946D7A7A6BA0FF46A02AC91A9FF282B9EA3C5CE9 |
| SHA-256: | D31BBD0F7B4D5D448C92FBA974807563B74A104DD247D216F2447D509BF24F8D |
| SHA-512: | CFFFC829835D87C1111933CDF629BB1E71F4CDD0AAE02BF7E648ACF0AE963FB8ECE90B792AEB84C6276B182B8AD15BA3DC70E1AB396432B8A7F58E54AC667DD3 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF35c5a.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 40 |
| Entropy (8bit): | 4.1275671571169275 |
| Encrypted: | false |
| SSDEEP: | 3:Y2ktGMxkAXWMSN:Y2xFMSN |
| MD5: | 20D4B8FA017A12A108C87F540836E250 |
| SHA1: | 1AC617FAC131262B6D3CE1F52F5907E31D5F6F00 |
| SHA-256: | 6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D |
| SHA-512: | 507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 36864 |
| Entropy (8bit): | 0.36515621748816035 |
| Encrypted: | false |
| SSDEEP: | 24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB |
| MD5: | 25363ADC3C9D98BAD1A33D0792405CBF |
| SHA1: | D06E343087D86EF1A06F7479D81B26C90A60B5C3 |
| SHA-256: | 6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D |
| SHA-512: | CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.46731661083066856 |
| Encrypted: | false |
| SSDEEP: | 12:TL1QAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3is25q0S9K0xHZ75fOV:TLiOUOq0afDdWec9sJf5Q7J5fc |
| MD5: | E93ACF0820CA08E5A5D2D159729F70E3 |
| SHA1: | 2C1A4D4924B9AEC1A796F108607404B000877C5D |
| SHA-256: | F2267FDA7F45499F7A01186B75CEFB799F8D2BC97E2E9B5068952D477294302C |
| SHA-512: | 3BF36C20E04DCF1C16DC794E272F82F68B0DE43F16B4A9746B63B6D6BBC953B00BD7111CDA7AFE85CEBB2C447145483A382B15E2B0A5B36026C3441635D4E50C |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6298 |
| Entropy (8bit): | 4.977672750904079 |
| Encrypted: | false |
| SSDEEP: | 96:styqfvis13b9U6DOq8znOs85eh6Cb7/x+6MhmuecmAeiaA2MB/EJ:stynsrqqkOs88bV+FiAxPBMJ |
| MD5: | 26874F9C0756A589ECD07389CB39D0C9 |
| SHA1: | 8DEC830A6CA3125E2BA0C55477905BD40EAA81CA |
| SHA-256: | 4B9528A9FBC6A9E14F7F2159D2197B665E6C91DEF7180269CBB767939003C523 |
| SHA-512: | 8A1A864F7EB2F7B319E4E9AA72F8C79378CA5CBB3CF713316690F2728C90BF7639A67D24E206C86C178EA26B6D5A11EFFDD39848BCDC5F9FAE938C9C9052574F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF3ec55.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6298 |
| Entropy (8bit): | 4.977672750904079 |
| Encrypted: | false |
| SSDEEP: | 96:styqfvis13b9U6DOq8znOs85eh6Cb7/x+6MhmuecmAeiaA2MB/EJ:stynsrqqkOs88bV+FiAxPBMJ |
| MD5: | 26874F9C0756A589ECD07389CB39D0C9 |
| SHA1: | 8DEC830A6CA3125E2BA0C55477905BD40EAA81CA |
| SHA-256: | 4B9528A9FBC6A9E14F7F2159D2197B665E6C91DEF7180269CBB767939003C523 |
| SHA-512: | 8A1A864F7EB2F7B319E4E9AA72F8C79378CA5CBB3CF713316690F2728C90BF7639A67D24E206C86C178EA26B6D5A11EFFDD39848BCDC5F9FAE938C9C9052574F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF46195.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6298 |
| Entropy (8bit): | 4.977672750904079 |
| Encrypted: | false |
| SSDEEP: | 96:styqfvis13b9U6DOq8znOs85eh6Cb7/x+6MhmuecmAeiaA2MB/EJ:stynsrqqkOs88bV+FiAxPBMJ |
| MD5: | 26874F9C0756A589ECD07389CB39D0C9 |
| SHA1: | 8DEC830A6CA3125E2BA0C55477905BD40EAA81CA |
| SHA-256: | 4B9528A9FBC6A9E14F7F2159D2197B665E6C91DEF7180269CBB767939003C523 |
| SHA-512: | 8A1A864F7EB2F7B319E4E9AA72F8C79378CA5CBB3CF713316690F2728C90BF7639A67D24E206C86C178EA26B6D5A11EFFDD39848BCDC5F9FAE938C9C9052574F |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 33 |
| Entropy (8bit): | 4.051821770808046 |
| Encrypted: | false |
| SSDEEP: | 3:YVXADAEvTLSJ:Y9AcEvHSJ |
| MD5: | 2B432FEF211C69C745ACA86DE4F8E4AB |
| SHA1: | 4B92DA8D4C0188CF2409500ADCD2200444A82FCC |
| SHA-256: | 42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE |
| SHA-512: | 948502DE4DC89A7E9D2E1660451FCD0F44FD3816072924A44F145D821D0363233CC92A377DBA3A0A9F849E3C17B1893070025C369C8120083A622D025FE1EACF |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 182 |
| Entropy (8bit): | 4.2629097520179995 |
| Encrypted: | false |
| SSDEEP: | 3:RGXKRjg0QwVIWRKXECSAV6jDyhjgHGAW+LB2Z4MKLFE1SwhiFAfXQmWyKBPMwRgK:z3frsUpAQQgHGwB26MK8Sw06fXQmWtRT |
| MD5: | 643E00B0186AA80523F8A6BED550A925 |
| SHA1: | EC4056125D6F1A8890FFE01BFFC973C2F6ABD115 |
| SHA-256: | A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87 |
| SHA-512: | D91A934EAF7D9D669B8AD4452234DE6B23D15237CB4D251F2C78C8339CEE7B4F9BA6B8597E35FE8C81B3D6F64AE707C68FF492903C0EDC3E4BAF2C6B747E247D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24799 |
| Entropy (8bit): | 5.5667759242487085 |
| Encrypted: | false |
| SSDEEP: | 768:lV0mOhWi3W5wZ1f49A8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPBZIwNp7rwX/pGtuu:lGphB3WaZ1fAAu1jawr7Qgtd |
| MD5: | 9AEC9D8814A886C6F00FB83FEABE8469 |
| SHA1: | C3FC6D9133BCE4F7CBE4FAADEEE249791CDF4751 |
| SHA-256: | BD75C6C8F40A73D34732790281C2E87DBF0B7BAE9C84867D084FE839CF062C4C |
| SHA-512: | A9195EFFC5BB0ED0C28EB596D07D54D3D264526703FCABB662A287B171743C508E184ACFA0B615F7D2A8B7B9A661B6C921B7B7D7668CC5BF24E1377C9665FF5F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF3bc6b.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24799 |
| Entropy (8bit): | 5.5667759242487085 |
| Encrypted: | false |
| SSDEEP: | 768:lV0mOhWi3W5wZ1f49A8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPBZIwNp7rwX/pGtuu:lGphB3WaZ1fAAu1jawr7Qgtd |
| MD5: | 9AEC9D8814A886C6F00FB83FEABE8469 |
| SHA1: | C3FC6D9133BCE4F7CBE4FAADEEE249791CDF4751 |
| SHA-256: | BD75C6C8F40A73D34732790281C2E87DBF0B7BAE9C84867D084FE839CF062C4C |
| SHA-512: | A9195EFFC5BB0ED0C28EB596D07D54D3D264526703FCABB662A287B171743C508E184ACFA0B615F7D2A8B7B9A661B6C921B7B7D7668CC5BF24E1377C9665FF5F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 118 |
| Entropy (8bit): | 3.160877598186631 |
| Encrypted: | false |
| SSDEEP: | 3:S8ltHlS+QUl1ASEGhTFljljljl:S85aEFljljljl |
| MD5: | 7733303DBE19B64C38F3DE4FE224BE9A |
| SHA1: | 8CA37B38028A2DB895A4570E0536859B3CC5C279 |
| SHA-256: | B10C1BA416A632CD57232C81A5C2E8EE76A716E0737D10EABE1D430BEC50739D |
| SHA-512: | E8CD965BCA0480DB9808CB1B461AC5BF5935C3CBF31C10FDF090D406F4BC4F3187D717199DCF94197B8DF24C1D6E4FF07241D8CFFFD9AEE06CCE9674F0220E29 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 299 |
| Entropy (8bit): | 5.135485007632775 |
| Encrypted: | false |
| SSDEEP: | 6:jtr81N723oH+TcwtSQM72KLlFtzoL+q2PN723oH+TcwtSQMxIFUv:58aYeb0LdoL+vVaYebrFUv |
| MD5: | 51C6182363FEF1BDC923C74B2BA53EF2 |
| SHA1: | 7BDEAE5F1A13AF8722AF2E26BB8A29BAB05160B4 |
| SHA-256: | 6F987CB6ACB89F7E163338B72D40131ADEABD72D3128DB2BAC8B743CE2884F85 |
| SHA-512: | DD65D222408E2EA73129E7ACDF272E97FA00F84ADC2AC49B28A11507EBFECAB3FA3AC4ED0965AD55B4399FBBB88972BA0DE792404BC454631DBA64536ECD5E97 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.44194574462308833 |
| Encrypted: | false |
| SSDEEP: | 12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB |
| MD5: | B35F740AA7FFEA282E525838EABFE0A6 |
| SHA1: | A67822C17670CCE0BA72D3E9C8DA0CE755A3421A |
| SHA-256: | 5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161 |
| SHA-512: | 05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 40 |
| Entropy (8bit): | 3.473726825238924 |
| Encrypted: | false |
| SSDEEP: | 3:41tt0diERGn:et084G |
| MD5: | 148079685E25097536785F4536AF014B |
| SHA1: | C5FF5B1B69487A9DD4D244D11BBAFA91708C1A41 |
| SHA-256: | F096BC366A931FBA656BDCD77B24AF15A5F29FC53281A727C79F82C608ECFAB8 |
| SHA-512: | C2556034EA51ABFBC172EB62FF11F5AC45C317F84F39D4B9E3DDBD0190DA6EF7FA03FE63631B97AB806430442974A07F8E81B5F7DC52D9F2FCDC669ADCA8D91F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 325 |
| Entropy (8bit): | 5.111416438690401 |
| Encrypted: | false |
| SSDEEP: | 6:jPnTV3Eq1N723oH+TcwtgUh2gr52KLlFniFdsVq2PN723oH+TcwtgUh2ghZIFUv:TTV3EaaYeb3hHJLziF+VvVaYeb3hHh2g |
| MD5: | 755AFF932C2308757FCF0346DDDE1AB4 |
| SHA1: | 8698A0C9756AA62AF856C1898547DFF7435DD6AE |
| SHA-256: | 11AF380DE30ABC3221AC2BCEA1191FA4C7CEFF2EECC332D3FDA2F32A90AD7CD9 |
| SHA-512: | 3D29C7B67C29F4B774532A12F6A56423F4F8B57B92989A033A601AAEE2BD88F842F5F1E23F34AFAD91DBF7293D3F5C2844FB9E62B4AF66CD20CEA4FF7D24EF2E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 8.280239615765425E-4 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2:/M/xT02 |
| MD5: | D0D388F3865D0523E451D6BA0BE34CC4 |
| SHA1: | 8571C6A52AACC2747C048E3419E5657B74612995 |
| SHA-256: | 902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B |
| SHA-512: | 376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 524656 |
| Entropy (8bit): | 4.989325630401085E-4 |
| Encrypted: | false |
| SSDEEP: | 3:Lsulp9t:Lsut |
| MD5: | 396D5B9CF8477099FB31623E394224FD |
| SHA1: | 2D3F59570C45D3E1557E9C405976AC5CC04D1CF9 |
| SHA-256: | 9F998D7C5B1287A0A78C16CE2B91BF1847560549BC45F1FDFFD08EAF5949DE98 |
| SHA-512: | 18B53D1A901BE61F83382DAB43BF2C0FA06F0DF51D8B7636B4A4322E8AA27FE5EADFD7078587D42ADAA80130A3F9581C2FD0D52EC42150C1EEF74A528CB0B249 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24 |
| Entropy (8bit): | 2.1431558784658327 |
| Encrypted: | false |
| SSDEEP: | 3:m+l:m |
| MD5: | 54CB446F628B2EA4A5BCE5769910512E |
| SHA1: | C27CA848427FE87F5CF4D0E0E3CD57151B0D820D |
| SHA-256: | FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D |
| SHA-512: | 8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.955557653394731 |
| Encrypted: | false |
| SSDEEP: | 3:WEDKcFE0EakdkzT:W4K0wFkX |
| MD5: | C8160004BCA70CCC032EADDC4D5B1729 |
| SHA1: | EA62ED146989E18BE096BD9B4D521D981CF97173 |
| SHA-256: | 20850C07126C243117E0595730B4283D02480A2740D0EC1DDE0530BE57E87340 |
| SHA-512: | 6FD7933F2728A8801A16455E85AFBBFD1F50567EFA864CD3672FA229D86A42000290A020FE20648EFACDAA01C354878278B381E604794D06116F9DBDA1DFC861 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.955557653394731 |
| Encrypted: | false |
| SSDEEP: | 3:WEDKcFE0EakdkzT:W4K0wFkX |
| MD5: | C8160004BCA70CCC032EADDC4D5B1729 |
| SHA1: | EA62ED146989E18BE096BD9B4D521D981CF97173 |
| SHA-256: | 20850C07126C243117E0595730B4283D02480A2740D0EC1DDE0530BE57E87340 |
| SHA-512: | 6FD7933F2728A8801A16455E85AFBBFD1F50567EFA864CD3672FA229D86A42000290A020FE20648EFACDAA01C354878278B381E604794D06116F9DBDA1DFC861 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24 |
| Entropy (8bit): | 2.1431558784658327 |
| Encrypted: | false |
| SSDEEP: | 3:m+l:m |
| MD5: | 54CB446F628B2EA4A5BCE5769910512E |
| SHA1: | C27CA848427FE87F5CF4D0E0E3CD57151B0D820D |
| SHA-256: | FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D |
| SHA-512: | 8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.955557653394731 |
| Encrypted: | false |
| SSDEEP: | 3:WEDKcFE0EakdkzT:W4K0wFkX |
| MD5: | C8160004BCA70CCC032EADDC4D5B1729 |
| SHA1: | EA62ED146989E18BE096BD9B4D521D981CF97173 |
| SHA-256: | 20850C07126C243117E0595730B4283D02480A2740D0EC1DDE0530BE57E87340 |
| SHA-512: | 6FD7933F2728A8801A16455E85AFBBFD1F50567EFA864CD3672FA229D86A42000290A020FE20648EFACDAA01C354878278B381E604794D06116F9DBDA1DFC861 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 48 |
| Entropy (8bit): | 2.955557653394731 |
| Encrypted: | false |
| SSDEEP: | 3:WEDKcFE0EakdkzT:W4K0wFkX |
| MD5: | C8160004BCA70CCC032EADDC4D5B1729 |
| SHA1: | EA62ED146989E18BE096BD9B4D521D981CF97173 |
| SHA-256: | 20850C07126C243117E0595730B4283D02480A2740D0EC1DDE0530BE57E87340 |
| SHA-512: | 6FD7933F2728A8801A16455E85AFBBFD1F50567EFA864CD3672FA229D86A42000290A020FE20648EFACDAA01C354878278B381E604794D06116F9DBDA1DFC861 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 0.0012471779557650352 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2zE:/M/xT02z |
| MD5: | F50F89A0A91564D0B8A211F8921AA7DE |
| SHA1: | 112403A17DD69D5B9018B8CEDE023CB3B54EAB7D |
| SHA-256: | B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC |
| SHA-512: | BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNlQXl:Ls3ol |
| MD5: | 5F951C507B4D13EA4534CFB9DD3228EB |
| SHA1: | 33462419C311AECE52BE5D87AD1F672CDED5BBC4 |
| SHA-256: | 7ED735C962FC80078853E6151FAFBF00D5EF767B855349BA09DFE7998458AE25 |
| SHA-512: | 94EBC366D22473E70E45CCBDD900DC9794CC6EE0DD42A9A27848BA4CC0ABC2E828A63C1DF6696AC06485E407D7507E889F49D5C56FADA278779C05FE9EE301B1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 0.0012471779557650352 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2zE:/M/xT02z |
| MD5: | F50F89A0A91564D0B8A211F8921AA7DE |
| SHA1: | 112403A17DD69D5B9018B8CEDE023CB3B54EAB7D |
| SHA-256: | B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC |
| SHA-512: | BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNlHWaK:Ls32aK |
| MD5: | 921782A440B30A1AF3AE3905CFDA0F08 |
| SHA1: | 163B87DB42052D6796CF9F3F12BE7DEB1581439A |
| SHA-256: | 659DBDB6D2480A9C61D06FDDC73EBC84279522D6470E9950CC568EF9C174A165 |
| SHA-512: | 77884FC1E616E3EE911209F0860519BB28D7334CBF1517DF6C81681FB893F90FFDBF3458CDF631E83D397388D7B9A551CC0557B839F12FC585A6DA87EA6AAE25 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 409 |
| Entropy (8bit): | 5.211499357964428 |
| Encrypted: | false |
| SSDEEP: | 6:j+8c81N723oH+Tcwt0jqEKj3K/2jM8B2KLlFdDL+q2PN723oH+Tcwt0jqEKj3K/M:bc8aYebqqBvFL5DL+vVaYebqqBQFUv |
| MD5: | 1727A6A854B50622D60B58A63022E217 |
| SHA1: | 3BFCD8885396D227BFFEE429AACA213901B5A241 |
| SHA-256: | 5861B2114BD3D2C8BF8331AED17370C5E73962D293D3066CE61B6EA01ED40E07 |
| SHA-512: | 0974BCBBE6E15DFA8521801E9B0940AFC8ECD087443CCB12F8DBB177BAE887E40ABC18B571E00EDFB3344E277D40AC46A5D82C9895F6592D619FB6533B2C42DD |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\32a94457-151f-4312-82cb-390ca47b1784.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59 |
| Entropy (8bit): | 4.619434150836742 |
| Encrypted: | false |
| SSDEEP: | 3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY |
| MD5: | 2800881C775077E1C4B6E06BF4676DE4 |
| SHA1: | 2873631068C8B3B9495638C865915BE822442C8B |
| SHA-256: | 226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974 |
| SHA-512: | E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\468ed4e3-cd53-4fa0-a75f-4aaaf1742753.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7dd43ce8-f8c0-4d94-b2da-7bc071973f9e.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 40 |
| Entropy (8bit): | 4.1275671571169275 |
| Encrypted: | false |
| SSDEEP: | 3:Y2ktGMxkAXWMSN:Y2xFMSN |
| MD5: | 20D4B8FA017A12A108C87F540836E250 |
| SHA1: | 1AC617FAC131262B6D3CE1F52F5907E31D5F6F00 |
| SHA-256: | 6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D |
| SHA-512: | 507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59 |
| Entropy (8bit): | 4.619434150836742 |
| Encrypted: | false |
| SSDEEP: | 3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY |
| MD5: | 2800881C775077E1C4B6E06BF4676DE4 |
| SHA1: | 2873631068C8B3B9495638C865915BE822442C8B |
| SHA-256: | 226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974 |
| SHA-512: | E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State~RF47e73.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 59 |
| Entropy (8bit): | 4.619434150836742 |
| Encrypted: | false |
| SSDEEP: | 3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY |
| MD5: | 2800881C775077E1C4B6E06BF4676DE4 |
| SHA1: | 2873631068C8B3B9495638C865915BE822442C8B |
| SHA-256: | 226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974 |
| SHA-512: | E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 36864 |
| Entropy (8bit): | 0.5559635235158827 |
| Encrypted: | false |
| SSDEEP: | 48:T6IopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB:OIEumQv8m1ccnvS6 |
| MD5: | 9AAAE8C040B616D1378F3E0E17689A29 |
| SHA1: | F91E7DE07F1DA14D15D067E1F50C3B84A328DBB7 |
| SHA-256: | 5B94D63C31AE795661F69B9D10E8BFD115584CD6FEF5FBB7AA483FDC6A66945B |
| SHA-512: | 436202AB8B6BB0318A30946108E6722DFF781F462EE05980C14F57F347EDDCF8119E236C3290B580CEF6902E1B59FB4F546D6BD69F62479805B39AB0F3308EC1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 40 |
| Entropy (8bit): | 4.1275671571169275 |
| Encrypted: | false |
| SSDEEP: | 3:Y2ktGMxkAXWMSN:Y2xFMSN |
| MD5: | 20D4B8FA017A12A108C87F540836E250 |
| SHA1: | 1AC617FAC131262B6D3CE1F52F5907E31D5F6F00 |
| SHA-256: | 6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D |
| SHA-512: | 507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 36864 |
| Entropy (8bit): | 0.36515621748816035 |
| Encrypted: | false |
| SSDEEP: | 24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB |
| MD5: | 25363ADC3C9D98BAD1A33D0792405CBF |
| SHA1: | D06E343087D86EF1A06F7479D81B26C90A60B5C3 |
| SHA-256: | 6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D |
| SHA-512: | CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\a97409a1-c135-4ea9-ad72-3b5eab0a47b2.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 111 |
| Entropy (8bit): | 4.718418993774295 |
| Encrypted: | false |
| SSDEEP: | 3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY |
| MD5: | 285252A2F6327D41EAB203DC2F402C67 |
| SHA1: | ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6 |
| SHA-256: | 5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026 |
| SHA-512: | 11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 61 |
| Entropy (8bit): | 3.7273991737283296 |
| Encrypted: | false |
| SSDEEP: | 3:S8ltHlS+QUl1ASEGhTFl:S85aEFl |
| MD5: | 9F7EADC15E13D0608B4E4D590499AE2E |
| SHA1: | AFB27F5C20B117031328E12DD3111A7681FF8DB5 |
| SHA-256: | 5C3A5B578AB9FE853EAD7040BC161929EA4F6902073BA2B8BB84487622B98923 |
| SHA-512: | 88455784C705F565C70FA0A549C54E2492976E14643E9DD0A8E58C560D003914313DF483F096BD33EC718AEEC7667B8DE063A73627AA3436BA6E7E562E565B3F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 397 |
| Entropy (8bit): | 5.212976408731343 |
| Encrypted: | false |
| SSDEEP: | 6:jtDQkR1N723oH+Tcwt0jqEKj0QM72KLlFtTNjL+q2PN723oH+Tcwt0jqEKj0QMxh:CkxaYebqqB6LdNOvVaYebqqBZFUv |
| MD5: | AB5BB04F4FB84BBFDC9FF29A4ADE7184 |
| SHA1: | 0F978BBB65A8F4EACA242C3ED27FF25B3AE64C96 |
| SHA-256: | 015D974DA36A89186847D82B4DB47258E07BE62F9ABB2DBF7ACD88653B7D8BBD |
| SHA-512: | CC13B4C866A52A8960917AC8008C8D90CC002F641DEA276F12563F81C7EB1320A3E19EE4102F31C93BA00E083F9C0DB2C3BDDDAE5DCE5A74915EA20A59ECA41B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 46 |
| Entropy (8bit): | 4.019797536844534 |
| Encrypted: | false |
| SSDEEP: | 3:sLollttz6sjlGXU2tkn:qolXtWswXU2tkn |
| MD5: | 90881C9C26F29FCA29815A08BA858544 |
| SHA1: | 06FEE974987B91D82C2839A4BB12991FA99E1BDD |
| SHA-256: | A2CA52E34B6138624AC2DD20349CDE28482143B837DB40A7F0FBDA023077C26A |
| SHA-512: | 15F7F8197B4FC46C4C5C2570FB1F6DD73CB125F9EE53DFA67F5A0D944543C5347BDAB5CCE95E91DD6C948C9023E23C7F9D76CFF990E623178C92F8D49150A625 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 301 |
| Entropy (8bit): | 5.245472852199977 |
| Encrypted: | false |
| SSDEEP: | 6:j034M1N723oH+Tcwtkx2KLlFEo0Vq2PN723oH+TcwtCIFUv:bsaYebkVLOvVaYebLFUv |
| MD5: | 589C339D5AB19B985A163649FF981919 |
| SHA1: | 5219FB1C0FC4ED8655F96BE8202325B05815E15E |
| SHA-256: | E05E117951EDEB4F35C368AAD9711199A520DC6C4B79EBDA52BE60D90107AB98 |
| SHA-512: | 5F74CC3526A0180443C69020BD7FC917D891E0DD294BCFFAB2CD3FDEA5A4CFA294789EA1EEF6157EE8AB77A78984E6FF5D1B6B66A2B12CBCE99B2EC7CB2FBFD2 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.3528485475628876 |
| Encrypted: | false |
| SSDEEP: | 12:TLiN6CZhDu6MvDOF5yEHFxOUwa5qguYZ75fOSiPe2d:TLiwCZwE8I6Uwcco5fBtC |
| MD5: | F2B4FB2D384AA4E4D6F4AEB0BBA217DC |
| SHA1: | 2CD70CFB3CE72D9B079170C360C1F563B6BF150E |
| SHA-256: | 1ECC07CD1D383472DAD33D2A5766625009EA5EACBAEDE2417ADA1842654CBBC8 |
| SHA-512: | 48D03991660FA1598B3E002F5BC5F0F05E9696BCB2289240FA8CCBB2C030CDD23245D4ECC0C64DA1E7C54B092C3E60AE0427358F63087018BF0E6CEDC471DD34 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 131072 |
| Entropy (8bit): | 0.002110589502647469 |
| Encrypted: | false |
| SSDEEP: | 3:ImtVS/:IiVS |
| MD5: | C0B2B340C9B4C6B76D03913FD32D7CC6 |
| SHA1: | BCFE3691D82F3FA31A9068726AA90373CCE96CE9 |
| SHA-256: | 8D6C2DE39EBAC5191E34F7C4D21D1ADDABCF37F1F7BF78909E3E35AF079C42F1 |
| SHA-512: | A5FE8DAB89592D70A52A1B2BE0ED3B9E8C538D4AA004D83037CA6AF69055532A7F211F7CFB7F032A5EDA4A1E7C0F6539417CCFC90A9C07DA3F2E4ABD4E8BA2E8 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 182272 |
| Entropy (8bit): | 1.0799648475053 |
| Encrypted: | false |
| SSDEEP: | 192:hrb2qAdB9TbTbuDDsnxCkOKSAzWn0lKOMq+JLVumYf6d7n66:h/2qOB1nxCkOKSACnqKOMq+pVum+Ip |
| MD5: | 3A7F65E9BA1B79999AEFB06C73C11467 |
| SHA1: | 00AC948E5D277B39B1B74E5E6237DD99052E9250 |
| SHA-256: | FD5BE061124F6B3FA5EEF370D1F9F29CDBC1F5DB077299533B3CFA215F7EC9E8 |
| SHA-512: | C151D463FBD3CB6F61978EB166FF47BE30C4DE51D5C0F5DD27DA8AAC72D318193BA7EE80C99411D36926ADE6EAC492C17A453747E669B81B0146F33B7B847018 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 14336 |
| Entropy (8bit): | 0.7836182415564406 |
| Encrypted: | false |
| SSDEEP: | 24:LLqlCouxhK3thdkSdj5QjUsEGcGBXp22iSBgm+xjgm:uOK3tjkSdj5IUltGhp22iSBgm+xj/ |
| MD5: | AA9965434F66985F0979719F3035C6E1 |
| SHA1: | 39FC31CBB2BB4F8FA8FB6C34154FB48FBCBAEEF4 |
| SHA-256: | F42877E694E9AFC76E1BBA279F6EC259E28A7E7C574EFDCC15D58EFAE06ECA09 |
| SHA-512: | 201667EAA3DF7DBCCF296DE6FCF4E79897C1BB744E29EF37235C44821A18EAD78697DFEB9253AA01C0DC28E5758E2AF50852685CDC9ECA1010DBAEE642590CEA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 11755 |
| Entropy (8bit): | 5.190465908239046 |
| Encrypted: | false |
| SSDEEP: | 192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI |
| MD5: | 07301A857C41B5854E6F84CA00B81EA0 |
| SHA1: | 7441FC1018508FF4F3DBAA139A21634C08ED979C |
| SHA-256: | 2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF |
| SHA-512: | 00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\b7ea089a-e719-4579-b936-875d4aeba58a.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:L:L |
| MD5: | 5058F1AF8388633F609CADB75A75DC9D |
| SHA1: | 3A52CE780950D4D969792A2559CD519D7EE8C727 |
| SHA-256: | CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8 |
| SHA-512: | 0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\fdc56f35-8adc-4c3c-a8c7-e034f4d48c2d.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 6298 |
| Entropy (8bit): | 4.977672750904079 |
| Encrypted: | false |
| SSDEEP: | 96:styqfvis13b9U6DOq8znOs85eh6Cb7/x+6MhmuecmAeiaA2MB/EJ:stynsrqqkOs88bV+FiAxPBMJ |
| MD5: | 26874F9C0756A589ECD07389CB39D0C9 |
| SHA1: | 8DEC830A6CA3125E2BA0C55477905BD40EAA81CA |
| SHA-256: | 4B9528A9FBC6A9E14F7F2159D2197B665E6C91DEF7180269CBB767939003C523 |
| SHA-512: | 8A1A864F7EB2F7B319E4E9AA72F8C79378CA5CBB3CF713316690F2728C90BF7639A67D24E206C86C178EA26B6D5A11EFFDD39848BCDC5F9FAE938C9C9052574F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16384 |
| Entropy (8bit): | 0.35226517389931394 |
| Encrypted: | false |
| SSDEEP: | 12:TLC+waBg9LBgVDBgQjiZBgKuFtuQkMbmgcVAzO5kMCgGUg5OR:TLPdBgtBgJBgQjiZS53uQFE27MCgGZsR |
| MD5: | D2CCDC36225684AAE8FA563AFEDB14E7 |
| SHA1: | 3759649035F23004A4C30A14C5F0B54191BEBF80 |
| SHA-256: | 080AEE864047C67CB1586A5BA5EDA007AFD18ECC2B702638287E386F159D7AEE |
| SHA-512: | 1A915AF643D688CA68AEDC1FF26C407D960D18DFDE838B417C437D7ADAC7B91C906E782DCC414784E64287915BD1DE5BB6A282E59AA9FEB8C384B4D4BC5F70EC |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4096 |
| Entropy (8bit): | 0.0905602561507182 |
| Encrypted: | false |
| SSDEEP: | 3:lSWFN3sl+ltlMWll:l9Fys1M |
| MD5: | A8E75ACC11904CB877E15A0D0DE03941 |
| SHA1: | FBEE05EA246A7F08F7390237EA8B7E49204EF0E0 |
| SHA-256: | D78C40FEBE1BA7EC83660B78E3F6AB7BC45AB822B8F21B03B16B9CB4F3B3A259 |
| SHA-512: | A7B52B0575D451466A47AFFE3DCC0BC7FC9A6F8AB8194DA1F046AADA0EDDCCA76B4326AA9F19732BA50359B51EC72896BB8FA2FC23BAA6847C33AB51218511A4 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 512 |
| Entropy (8bit): | 0.28109187076190567 |
| Encrypted: | false |
| SSDEEP: | 3:7FEG2l/mpl1lFll:7+/l/i |
| MD5: | 84663D01A6E9DFC1D1D993B0945A77D6 |
| SHA1: | 75BCB07B6D34EE3C15C2052EAC9F06E30E2A6261 |
| SHA-256: | 33FF9429245FEAB283A038E9DF8BA9F16303CEE982531FF7AA7263A751169082 |
| SHA-512: | D47B3446D9E8F925953672404A152DC58724B4B237F926CE0352C2C2AD81BB0260566D3EEEB3FB53249AFF501E59480FB88797A7FD46A807F9C4CDD374BBD980 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 32768 |
| Entropy (8bit): | 0.049899871979391254 |
| Encrypted: | false |
| SSDEEP: | 6:GLW0ZjJWwW0ZjJWQL9X8hslotGLNl0ml/XoQDeX:aD7DrGEjVl/XoQ |
| MD5: | 5A5B1A2D46F2C8A1E86DFBE2169185FB |
| SHA1: | 76BB2C9E3C6469FAE919E8FB2C3DA9D7F8C36E2F |
| SHA-256: | 66350AB4E1FF4366BF1602A0614684E30D47394CC8A20DB38D976CEC3F1110E7 |
| SHA-512: | 184B1AFEE8985685B09A8D60C5114F560ED8916C44AB41D50EC1202CFFF40EF35D8C833D08FA29B44F768A5687166649208A8044ED8A23827BABD654EAE8EC16 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 70072 |
| Entropy (8bit): | 0.998024433488138 |
| Encrypted: | false |
| SSDEEP: | 48:RzxRXlO+1cbX+Vn9VAKAFXX+i2VAKAFXX+mxOqVAKAFXX+gPTnUYVAKAFXX+B02c:lxxfWNsuNskO5NsgPSNsBE |
| MD5: | 8C0FB3358AEB8B33192C7C73311DCCB8 |
| SHA1: | E05638B75709CEA2F1BA54E9FB8F079C00DC768D |
| SHA-256: | 509EDEDDD9675E984FF7D586EAB7E8707063E46709F0435F327CE369AE084F3D |
| SHA-512: | 7C9C2AD265B22E707FA685C6749FE623704E2F07109C21F51406DB36319CF9C4746290711BF72F360E40BDF2AD0F0F35C6EB069F83C3B738B48F4C89EFFEF957 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 1566 |
| Entropy (8bit): | 5.471911980252733 |
| Encrypted: | false |
| SSDEEP: | 48:e8SSBStVgQAPkuHRHXxtIYjIYzzVFqk2MYjMYjyMAlkfAlk43:J0t+QzkIYjIYzzjb2MYjMYFYcY93 |
| MD5: | 69BBABC1FABD9DF22D4A589AA298C350 |
| SHA1: | E76CD49471F1ED3A2B4445634F003432A90FB58C |
| SHA-256: | 3A88AD6D5EB3986BCEC02100D72EC59212166F5431D7EAFFFF015DD0FD8CFC61 |
| SHA-512: | 21AB4E5559886663E59D82E8D62399F41FA3E4923F99EEBDEE36F32400C78C04D94A4CBB322B39E99F84920DF30AF9164B5012AD8FBC09FE52988F73426971C4 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 297 |
| Entropy (8bit): | 5.23965403101798 |
| Encrypted: | false |
| SSDEEP: | 6:jTJQEq1N723oH+Tcwt0rl2KLlFgFzSVq2PN723oH+Tcwt0rK+IFUv:xQEaaYebeLszSVvVaYeb13FUv |
| MD5: | 4448378AF6FD41EB45ECA6D820F33488 |
| SHA1: | C53B17B763C5140A007E3E408FB8A593C1CACA57 |
| SHA-256: | DF1E7700B644C474D3950F10768CB79EBFCBFDF3B0EC6637F5582E6EFEAB7A68 |
| SHA-512: | 73684B78D523232F92C8AF2B31DC8DE60654B34F71147629B91A21AE3006340CEC4BFDBC75A0439AA2E36AE31E5A8A3149ABDB7DBD187EBE3F3399476367FF36 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 729 |
| Entropy (8bit): | 3.958141412815535 |
| Encrypted: | false |
| SSDEEP: | 12:G0nYUtTNop//z3p/Wui+it/4JbZfPStub/RG0lbANqa:G0nYUtypD3RXi6FZfc25m |
| MD5: | FBC524D02048C176A0A5D1B8B752932A |
| SHA1: | 294C48557549A4C978326D9B7969E293A024F157 |
| SHA-256: | F3FC95AE128DB918FC126F15CD9D96618482BA6ACCC622AAA19B10CE80B15EA0 |
| SHA-512: | 9B6434442E11610B8B5DDA43AA56656599925C9C8F0A364DDB69D15B37A912D223EE600012468E0DB723CAF3546FFBDF56F085A0159EA7968BBACE894AAFF856 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16 |
| Entropy (8bit): | 3.2743974703476995 |
| Encrypted: | false |
| SSDEEP: | 3:1sjgWIV//Uv:1qIFUv |
| MD5: | 46295CAC801E5D4857D09837238A6394 |
| SHA1: | 44E0FA1B517DBF802B18FAF0785EEEA6AC51594B |
| SHA-256: | 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443 |
| SHA-512: | 8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 315 |
| Entropy (8bit): | 5.2048697810558435 |
| Encrypted: | false |
| SSDEEP: | 6:jdfEq1N723oH+Tcwt0rzs52KLlFTXVq2PN723oH+Tcwt0rzAdIFUv:hfEaaYeb99L3VvVaYebyFUv |
| MD5: | A5225D0282B9CC71F58773781336FA13 |
| SHA1: | ABBF7653F832C481AFA3139233CDE8400B3BAD6E |
| SHA-256: | B9225974C8EE7C4D2ACC064FA184D92F73EBA879C7B6BC8611C3642415F42477 |
| SHA-512: | 208438ABAAA8A4C0691C307CCDB2F1AEE610EE32D4B739C3E97D2C6BF19786733A9106A1C3B6E5AFAB2A650B1E724344499E6B4648103141D5023A2E9AA06122 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 41 |
| Entropy (8bit): | 4.704993772857998 |
| Encrypted: | false |
| SSDEEP: | 3:scoBAIxQRDKIVjn:scoBY7jn |
| MD5: | 5AF87DFD673BA2115E2FCF5CFDB727AB |
| SHA1: | D5B5BBF396DC291274584EF71F444F420B6056F1 |
| SHA-256: | F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4 |
| SHA-512: | DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 8.280239615765425E-4 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2:/M/xT02 |
| MD5: | D0D388F3865D0523E451D6BA0BE34CC4 |
| SHA1: | 8571C6A52AACC2747C048E3419E5657B74612995 |
| SHA-256: | 902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B |
| SHA-512: | 376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNl/6:Ls3 |
| MD5: | 428146F776CD5CCDC16AC41F26877E26 |
| SHA1: | 0AE10D0985E078DD9A5E180E42325DA888152DE4 |
| SHA-256: | A5C5D036B03903660ACCCB58330FE86F816A3FA7F2262FD30F8410A2FE2A7E4E |
| SHA-512: | 9B1298B8BF10F027A087C79C575A5D5CC9F793AE8A4F78458A789B4C648AEF4B406F00F662EC9B643475B4FF234DEC91FE738ADBD14BCBFC82F014F207831F8B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 8.280239615765425E-4 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2:/M/xT02 |
| MD5: | D0D388F3865D0523E451D6BA0BE34CC4 |
| SHA1: | 8571C6A52AACC2747C048E3419E5657B74612995 |
| SHA-256: | 902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B |
| SHA-512: | 376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNlXl:Ls31 |
| MD5: | 3EE7B465D87CAE2FDFCF1976D5D84297 |
| SHA1: | CCC83E7D4CB2100AC0DCDCC30075E39F53180881 |
| SHA-256: | 11A0BFD3A0FAD0DF31775C6F62FE50945F6AA4D87C14F46EEA044675C84D7BB3 |
| SHA-512: | 19D309ACA1F362B0A4442EA98A76A6F00F08917FDE2C54D59F14846A857C522AB98C1C11A99C04E822A045F1899143EF6F2E53C640DBF2603232CCFAD084E8E7 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 120 |
| Entropy (8bit): | 3.32524464792714 |
| Encrypted: | false |
| SSDEEP: | 3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl |
| MD5: | A397E5983D4A1619E36143B4D804B870 |
| SHA1: | AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4 |
| SHA-256: | 9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4 |
| SHA-512: | 4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 13 |
| Entropy (8bit): | 2.6612262562697895 |
| Encrypted: | false |
| SSDEEP: | 3:NYLFRQZ:ap2Z |
| MD5: | B64BD80D877645C2DD14265B1A856F8A |
| SHA1: | F7379E1A6F8CE062E891C56736C789C7EA77CD6A |
| SHA-256: | 83476CEEEB7682F41030664B4E17305986878D14E82D0C277FB99EC546B44569 |
| SHA-512: | 734A7316A269C76DD052D980CC0D5209C0BFEDFFC55B11C58FA25C433CE8A42536827298C3E58CACD68CC01593C23D39350E956E8DE2268D8D29918E1F0667F2 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF34ebd.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF34eec.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF35025.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF350ff.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF37792.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3b73b.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF43a46.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF46166.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4c197.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 20480 |
| Entropy (8bit): | 0.46731661083066856 |
| Encrypted: | false |
| SSDEEP: | 12:TL1QAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3is25q0S9K0xHZ75fOV:TLiOUOq0afDdWec9sJf5Q7J5fc |
| MD5: | E93ACF0820CA08E5A5D2D159729F70E3 |
| SHA1: | 2C1A4D4924B9AEC1A796F108607404B000877C5D |
| SHA-256: | F2267FDA7F45499F7A01186B75CEFB799F8D2BC97E2E9B5068952D477294302C |
| SHA-512: | 3BF36C20E04DCF1C16DC794E272F82F68B0DE43F16B4A9746B63B6D6BBC953B00BD7111CDA7AFE85CEBB2C447145483A382B15E2B0A5B36026C3441635D4E50C |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.01057775872642915 |
| Encrypted: | false |
| SSDEEP: | 3:MsFl:/F |
| MD5: | CF89D16BB9107C631DAABF0C0EE58EFB |
| SHA1: | 3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B |
| SHA-256: | D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E |
| SHA-512: | 8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 270336 |
| Entropy (8bit): | 8.280239615765425E-4 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2:/M/xT02 |
| MD5: | D0D388F3865D0523E451D6BA0BE34CC4 |
| SHA1: | 8571C6A52AACC2747C048E3419E5657B74612995 |
| SHA-256: | 902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B |
| SHA-512: | 376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.011852361981932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsHlDll:/H |
| MD5: | 0962291D6D367570BEE5454721C17E11 |
| SHA1: | 59D10A893EF321A706A9255176761366115BEDCB |
| SHA-256: | EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7 |
| SHA-512: | F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8192 |
| Entropy (8bit): | 0.012340643231932763 |
| Encrypted: | false |
| SSDEEP: | 3:MsGl3ll:/y |
| MD5: | 41876349CB12D6DB992F1309F22DF3F0 |
| SHA1: | 5CF26B3420FC0302CD0A71E8D029739B8765BE27 |
| SHA-256: | E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C |
| SHA-512: | E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 262512 |
| Entropy (8bit): | 9.553120663130604E-4 |
| Encrypted: | false |
| SSDEEP: | 3:LsNlh6Bll:Ls3hk |
| MD5: | 2122479355805B80945116C3FD2F52E4 |
| SHA1: | EFC33BB370B462B1A71EB8CF216B0F84164923B2 |
| SHA-256: | 207CBC90661050232546D41FEBE96F30AC610D2411B105F955241298381CA1FF |
| SHA-512: | A2D9807770D26F1980E377BD78779560D6DACC6E3B92EA2252A62189BC5895CF5C4E9FD1C3A003820AF9FB412E986EB8E91ABA706EC13AE25EB7C094DD886DC9 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 47 |
| Entropy (8bit): | 4.3818353308528755 |
| Encrypted: | false |
| SSDEEP: | 3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn |
| MD5: | 48324111147DECC23AC222A361873FC5 |
| SHA1: | 0DF8B2267ABBDBD11C422D23338262E3131A4223 |
| SHA-256: | D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3 |
| SHA-512: | E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 35 |
| Entropy (8bit): | 4.014438730983427 |
| Encrypted: | false |
| SSDEEP: | 3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F |
| MD5: | BB57A76019EADEDC27F04EB2FB1F1841 |
| SHA1: | 8B41A1B995D45B7A74A365B6B1F1F21F72F86760 |
| SHA-256: | 2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B |
| SHA-512: | A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 29 |
| Entropy (8bit): | 3.922828737239167 |
| Encrypted: | false |
| SSDEEP: | 3:2NGw+K+:fwZ+ |
| MD5: | 7BAAFE811F480ACFCCCEE0D744355C79 |
| SHA1: | 24B89AE82313084BB8BBEB9AD98A550F41DF7B27 |
| SHA-256: | D5743766AF0312C7B7728219FC24A03A4FB1C2A54A506F337953FBC2C1B847C7 |
| SHA-512: | 70FE1C197AF507CC0D65E99807D245C896A40A4271BA1121F9B621980877B43019E584C48780951FC1AD2A5D7D146FC6EA4678139A5B38F9B6F7A5F1E2E86BA3 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 35302 |
| Entropy (8bit): | 7.99333285466604 |
| Encrypted: | true |
| SSDEEP: | 768:rRhaFePY38QBsj61g3g01LXoDGPpgb8KbMcnjrQCckBuJyqk3x8cBBT:rLP+TBK6ZQLXSsaMcnHQQcox80 |
| MD5: | 0E06E28C3536360DE3486B1A9E5195E8 |
| SHA1: | EB768267F34EC16A6CCD1966DCA4C3C2870268AB |
| SHA-256: | F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C |
| SHA-512: | 45F1E909599E2F63372867BC359CF72FD846619DFEB5359E52D5700E0B1BCFFE5FF07606511A3BFFDDD933A0507195439457E4E29A49EB6451F26186B7240041 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 18 |
| Entropy (8bit): | 3.5724312513221195 |
| Encrypted: | false |
| SSDEEP: | 3:kDnaV6bVon:kDYa2 |
| MD5: | 5692162977B015E31D5F35F50EFAB9CF |
| SHA1: | 705DC80E8B32AC8B68F7E13CF8A75DCCB251ED7D |
| SHA-256: | 42CCB5159B168DBE5D5DDF026E5F7ED3DBF50873CFE47C7C3EF0677BB07B90D4 |
| SHA-512: | 32905A4CC5BCE0FE8502DDD32096F40106625218BEDC4E218A344225D6DF2595A7B70EEB3695DCEFDD894ECB2B66BED479654E8E07F02526648E07ACFE47838C |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3581 |
| Entropy (8bit): | 4.459693941095613 |
| Encrypted: | false |
| SSDEEP: | 96:JTMhnytNaSA4BOsNQNhnUZTFGKDIWHCgL5tfHaaJzRHF+P1sYmnfHUdT+GWBH7Y/:KyMot7vjFU |
| MD5: | BDE38FAE28EC415384B8CFE052306D6C |
| SHA1: | 3019740AF622B58D573C00BF5C98DD77F3FBB5CD |
| SHA-256: | 1F4542614473AE103A5EE3DEEEC61D033A40271CFF891AAA6797534E4DBB4D20 |
| SHA-512: | 9C369D69298EBF087412EDA782EE72AFE5448FD0D69EA5141C2744EA5F6C36CDF70A51845CDC174838BAC0ADABDFA70DF6AEDBF6E7867578AE7C4B7805A8B55E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 47 |
| Entropy (8bit): | 4.493433469104717 |
| Encrypted: | false |
| SSDEEP: | 3:kfKbQSQSuLA5:kyUc5 |
| MD5: | 3F90757B200B52DCF5FDAC696EFD3D60 |
| SHA1: | 569A2E1BED9ECCDF7CD03E270AEF2BD7FF9B0E77 |
| SHA-256: | 1EE63F0A3502CFB7DF195FABBA41A7805008AB2CCCDAEB9AF990409D163D60C8 |
| SHA-512: | 39252BBAA33130DF50F36178A8EAB1D09165666D8A229FBB3495DD01CBE964F87CD2E6FCD479DFCA36BE06309EF18FEDA7F14722C57545203BBA24972D4835C8 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 35302 |
| Entropy (8bit): | 7.99333285466604 |
| Encrypted: | true |
| SSDEEP: | 768:rRhaFePY38QBsj61g3g01LXoDGPpgb8KbMcnjrQCckBuJyqk3x8cBBT:rLP+TBK6ZQLXSsaMcnHQQcox80 |
| MD5: | 0E06E28C3536360DE3486B1A9E5195E8 |
| SHA1: | EB768267F34EC16A6CCD1966DCA4C3C2870268AB |
| SHA-256: | F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C |
| SHA-512: | 45F1E909599E2F63372867BC359CF72FD846619DFEB5359E52D5700E0B1BCFFE5FF07606511A3BFFDDD933A0507195439457E4E29A49EB6451F26186B7240041 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 50 |
| Entropy (8bit): | 3.9904355005135823 |
| Encrypted: | false |
| SSDEEP: | 3:0xXF/XctY5GUf+:0RFeUf+ |
| MD5: | E144AFBFB9EE10479AE2A9437D3FC9CA |
| SHA1: | 5AAAC173107C688C06944D746394C21535B0514B |
| SHA-256: | EB28E8ED7C014F211BD81308853F407DF86AEBB5F80F8E4640C608CD772544C2 |
| SHA-512: | 837D15B3477C95D2D71391D677463A497D8D9FFBD7EB42E412DA262C9B5C82F22CE4338A0BEAA22C81A06ECA2DF7A9A98B7D61ECACE5F087912FD9BA7914AF3F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 575056 |
| Entropy (8bit): | 7.999649474060713 |
| Encrypted: | true |
| SSDEEP: | 12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR |
| MD5: | BE5D1A12C1644421F877787F8E76642D |
| SHA1: | 06C46A95B4BD5E145E015FA7E358A2D1AC52C809 |
| SHA-256: | C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A |
| SHA-512: | FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 86 |
| Entropy (8bit): | 4.3751917412896075 |
| Encrypted: | false |
| SSDEEP: | 3:YQ3JYq9xSs0dMEJAELJ2rjozQan:YQ3Kq9X0dMgAEwjM |
| MD5: | 961E3604F228B0D10541EBF921500C86 |
| SHA1: | 6E00570D9F78D9CFEBE67D4DA5EFE546543949A7 |
| SHA-256: | F7B24F2EB3D5EB0550527490395D2F61C3D2FE74BB9CB345197DAD81B58B5FED |
| SHA-512: | 535F930AFD2EF50282715C7E48859CC2D7B354FF4E6C156B94D5A2815F589B33189FFEDFCAF4456525283E993087F9F560D84CFCF497D189AB8101510A09C472 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\c1b00a67-ac05-44f2-873b-f9ae1814181f.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3335 |
| Entropy (8bit): | 5.603483457834934 |
| Encrypted: | false |
| SSDEEP: | 96:0q8NkC1fPD7LeURj2KBrcvTGKlJkEcAbRSDS4S4SDS/Ae4a:/8NbND7dfjKrkEXI |
| MD5: | A83A07857C4A54646E7D3C17F6A3E7DE |
| SHA1: | F70EF756D7111936D70F1EA5D29280170947F328 |
| SHA-256: | 0881BA0B03AF2AD5F1C96429520D5D3ACDD561BE4814A11049DF0DA40C7751BD |
| SHA-512: | F75CA82E61A6B05621911A547E92C15A702295FF92DBD541F16CF40825DEA270B96E4B1F78350686AB38B4FA43F2B61E16DDF16A671C1E7229397C710117B023 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\c3551dcf-b904-4dab-a288-8fca07560bc0.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4235 |
| Entropy (8bit): | 5.491307929255804 |
| Encrypted: | false |
| SSDEEP: | 96:0q8NkGS1fPD7LeU58rh/cI9URoDotoruTzBrcvTGKlJkEcAbRSDS4S4SDS/Ae4a:/8NBSND70eoDUiQjKrkEXI |
| MD5: | D88A9353937B9F4EA4AF12164DBAEE26 |
| SHA1: | DF7A1B6C41122409B56DF3F6C251395FB2E625E3 |
| SHA-256: | 6C21D808056089F85F2692D8D5477D0ABCF411D502B92AB5467C732B091CE861 |
| SHA-512: | DDBE9DCE1FC26E5CF11B392F62261DA7684E8EFA330EC48081E6B9504929E50D0105D68E4A87CA6071C50FB3CDB73F09638E51F10141592B073F13BE0930B443 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\df7ba035-ed0e-4d6a-a5d0-cec0581c1218.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1371 |
| Entropy (8bit): | 5.52804070213425 |
| Encrypted: | false |
| SSDEEP: | 24:YpQBqDPak7u5rrt1D7RTtFbBSPJNtyikwpoxJdXBuBuwBFmYaMNhoXXfQoTEtCYY:YuBqDPafPD7RpFbBkj5vpAgBzBIYFoXr |
| MD5: | 3358ED95A00B7A80F4F8A1DDB8BD081C |
| SHA1: | 85D14758F0A65F8DA792AD043940ADDE0BBD97C3 |
| SHA-256: | 5DEE6B8A0844B915E81F0B92F3D90BA11E0AF35FDF16078E93A238725B63AE24 |
| SHA-512: | C83154DBFFBC3ECCA97E45048A4B9B6D23A0343F94CB528BAC580AE731B12B83C3678A9C275BF1398ED57EC0A4D711D0828ACB00BDB1E0C1C1F252FB026965BA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\f6db3188-62c2-4fad-aa26-e4cd1c1d3961.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2958 |
| Entropy (8bit): | 5.587720943184201 |
| Encrypted: | false |
| SSDEEP: | 48:YuBqDPEFMsFiHC0afPD7RpFbBkjUvpAkHB+udrxWvBIYSWR7+OJkXUcAhN4wlRkE:Xq8NkC1fPD7LeURDBrcvTB73JkEcAbdx |
| MD5: | A8692EBCFBB3329964BB0B9EB1DD5E29 |
| SHA1: | B8A2E8409C9DC5D740AA508A6485B2B80A8EE4B8 |
| SHA-256: | FEFA099CE0F641DD8A5CC6B7F219BE185A6F51A97434FB4AAE304E52BB5B3DCB |
| SHA-512: | 70FA1E60BEC1F7258533E5B2627BCA15A089809D4D857EC814535020AD39678F17F42F7C63498173B3470233CCEE05137DD4C4FDFD76DF50A4F8120F33F5627E |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6ea0db88-fc0d-4cec-8f88-768d097c35ff.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44962 |
| Entropy (8bit): | 6.096238924006079 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4xWMpi1zNtTFZJNhEDPFxf5ykKJDSgzMMd6qD47u3+CO:+/Ps+wsI7yOYFZJQKtSmd6qE7lFoC |
| MD5: | 227A7F985FCFB55DD0D002D13F3EE3F2 |
| SHA1: | 892ACF518F079A20F8BEB3E344E252CF6F975B7E |
| SHA-256: | E7BA8FB3034F325156887E75E36A8B7ED90EE4B6412B97D21E8FB003F34D2835 |
| SHA-512: | C1C2385A1F9D6A37EA7BA34F753A3A62F68CBDDD4E20E47CD11BFF245E2E690A5F136F951C45A2913A9505E61DE5D963BDEE4AC7BF23A291D7E4D7E27E89B865 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\70a14344-7b8e-4d2a-887a-d93aab7a2414.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\739194ea-8f09-4a7e-b417-638be5342cda.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44963 |
| Entropy (8bit): | 6.096080046121655 |
| Encrypted: | false |
| SSDEEP: | 768:yDXzgWPsj/qlGJqIY8GB4xWVpi1zNtTFZJ9ZEPFMQPr+uFkKJDSgzMMd6qD47u3S:y/Ps+wsI7yO5FZJ7KtSmd6qE7lFoC |
| MD5: | 40480AB80E9A8601E72C4077A387B4D5 |
| SHA1: | 14DA4E19A2BEDFB59401FCE5987C969EB3A7329F |
| SHA-256: | 3DC27B844C8A55D28BC10D2E4E058D07D1142D69A2589FCAF748ED6D9A4296DB |
| SHA-512: | C28BE87686973AA3FD7F2CF2EF154A9C6AD79258BCE8F6289662AC26FAB9849E80DEB00D1F6F86879322AA30D7EAA9FB4AEA822571F10810D838D03C3A59AABD |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8bdd5c9a-e49f-4364-b1ed-2060e06b4cac.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44963 |
| Entropy (8bit): | 6.096232737767981 |
| Encrypted: | false |
| SSDEEP: | 768:yDXzgWPsj/qlGJqIY8GB4xWVpi1zNtTFZJNoEDPFxf5ykKJDSgzMMd6qD47u3+CO:y/Ps+wsI7yO5FZJPKtSmd6qE7lFoC |
| MD5: | 33A4E3D891C512A14DEBF48DE166BD5A |
| SHA1: | D75C549E8647F3A3B17465DF75353A95BACEA407 |
| SHA-256: | BD7A3684BE166DDBDA294C7B8B97606889F85CDD7BBA3251F2BA7D806C44975F |
| SHA-512: | FCB7A00FFF0A2A50315262C1941484269AB061F695429DA18A85DAB096C81B137407066182A5681FC2C4F0E65B99C48E19EF6179C3E9B4B56D68063A4043A542 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9f5f00a3-cd86-4676-b94a-898f2ffd36bc.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44963 |
| Entropy (8bit): | 6.096232737767981 |
| Encrypted: | false |
| SSDEEP: | 768:yDXzgWPsj/qlGJqIY8GB4xWVpi1zNtTFZJNoEDPFxf5ykKJDSgzMMd6qD47u3+CO:y/Ps+wsI7yO5FZJPKtSmd6qE7lFoC |
| MD5: | 33A4E3D891C512A14DEBF48DE166BD5A |
| SHA1: | D75C549E8647F3A3B17465DF75353A95BACEA407 |
| SHA-256: | BD7A3684BE166DDBDA294C7B8B97606889F85CDD7BBA3251F2BA7D806C44975F |
| SHA-512: | FCB7A00FFF0A2A50315262C1941484269AB061F695429DA18A85DAB096C81B137407066182A5681FC2C4F0E65B99C48E19EF6179C3E9B4B56D68063A4043A542 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3778A-20E0.pma
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4194304 |
| Entropy (8bit): | 0.12353191088270751 |
| Encrypted: | false |
| SSDEEP: | 768:96jt3UN7i4TUY20xd0Ab/Hjo6h8rRGOwjIkhj+RGO:96Z3Uxi4QYx8Ab/Do6URGv9hj+RG |
| MD5: | 08A11155B41D1800108E3C59B938E05E |
| SHA1: | A420AFA40D6DF6749E687D7F6B134FB7242B2008 |
| SHA-256: | 4105AECB101E4AFE05A791C361E53E8BD8F25D7FFB6F12C93453B17D93605A0A |
| SHA-512: | CB76859105CB6B777D3F10DD0144D34BE79E2A99F5AC80E075B5EF46BB69879747F9C32562FD80B072DCCCD81EEF89E1F6D0A826302292D79116E02179C27990 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 280 |
| Entropy (8bit): | 4.0984945491284295 |
| Encrypted: | false |
| SSDEEP: | 3:FiWWltlcUpPmPIijS3XbnbO6YBVP/Sh/JzvbYuDRBOc7cEJHCll:o1cUh4Y3LbO/BVsJDbYuDRBOycd |
| MD5: | AFAC5E4CC1213807ACB7D1A0F61BCF99 |
| SHA1: | FEDCA0A829A0DBCCD1E9D7048398372FF9604783 |
| SHA-256: | FF48F538CBF3D665C9B115D6F3F6459E0CD7D9DF368E921E5A4BF2CA88E3C55F |
| SHA-512: | 44F1A7E8C8DD1D5CE625AE26ED4074900A979ACD34BAFB3D3B354145690D37D34E07F2D0D9DEE81BE80EAFA9E3973AB11AD6E85EB23A804958584D8DB4902D66 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\17dc9e03-4b0a-4a15-a028-2818754d93cd.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 7818 |
| Entropy (8bit): | 5.084896917442598 |
| Encrypted: | false |
| SSDEEP: | 96:stpqKos13bDcwfiwXnMwjTrEm8z0sY5eh6Cb7/x+6MhmuecmAeZdDUqCML/EJ:stpost6wFvrEmk0sY8bV+FiAYUqbLMJ |
| MD5: | 1280802A2362D2984CB2966B742E5D90 |
| SHA1: | E6011DF6D89F8BCD2F8834F77CFB432595A5BFB5 |
| SHA-256: | F8D374DE2F817CA7E4F5C11CA9773DA28D68ADFB3C23D41A1F339208B7002184 |
| SHA-512: | 58670202F9B669D193E72A0C65FDB37D710F5A5009014594D7140D7A0B36FB669C69C0FCCD25D1D151127FE8F72ED760E00C882079A66EAC18AB61501B395A22 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\25616670-7744-4ca0-a854-b108d8c60d12.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:L:L |
| MD5: | 5058F1AF8388633F609CADB75A75DC9D |
| SHA1: | 3A52CE780950D4D969792A2559CD519D7EE8C727 |
| SHA-256: | CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8 |
| SHA-512: | 0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 352 |
| Entropy (8bit): | 5.229550444181697 |
| Encrypted: | false |
| SSDEEP: | 6:jBf+q2PN723oH+TcwtnG2tMsIFUt8SBfZmw+SBfVkwON723oH+TcwtnG2tMsLJ:MvVaYebn9GFUt8S/+e5OaYebn95J |
| MD5: | CE51CE0D30CF3D38802B6C5341819D84 |
| SHA1: | 1C883410428A076DF73D7594641C20B71B1F9019 |
| SHA-256: | 1490574380EFB7411CBE396557C657D2F921E8AC25907D8B5D8F643EFF7FD028 |
| SHA-512: | 6F76F4FE62F728CCAD7A3E0D9A4A4FEAE336295DF752D2E4F19749F4382D908210AC59B19D6CF105347A393A5D4B181D8BC84C819362A56039001C3E114393FE |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 352 |
| Entropy (8bit): | 5.229550444181697 |
| Encrypted: | false |
| SSDEEP: | 6:jBf+q2PN723oH+TcwtnG2tMsIFUt8SBfZmw+SBfVkwON723oH+TcwtnG2tMsLJ:MvVaYebn9GFUt8S/+e5OaYebn95J |
| MD5: | CE51CE0D30CF3D38802B6C5341819D84 |
| SHA1: | 1C883410428A076DF73D7594641C20B71B1F9019 |
| SHA-256: | 1490574380EFB7411CBE396557C657D2F921E8AC25907D8B5D8F643EFF7FD028 |
| SHA-512: | 6F76F4FE62F728CCAD7A3E0D9A4A4FEAE336295DF752D2E4F19749F4382D908210AC59B19D6CF105347A393A5D4B181D8BC84C819362A56039001C3E114393FE |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF3b140.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 352 |
| Entropy (8bit): | 5.229550444181697 |
| Encrypted: | false |
| SSDEEP: | 6:jBf+q2PN723oH+TcwtnG2tMsIFUt8SBfZmw+SBfVkwON723oH+TcwtnG2tMsLJ:MvVaYebn9GFUt8S/+e5OaYebn95J |
| MD5: | CE51CE0D30CF3D38802B6C5341819D84 |
| SHA1: | 1C883410428A076DF73D7594641C20B71B1F9019 |
| SHA-256: | 1490574380EFB7411CBE396557C657D2F921E8AC25907D8B5D8F643EFF7FD028 |
| SHA-512: | 6F76F4FE62F728CCAD7A3E0D9A4A4FEAE336295DF752D2E4F19749F4382D908210AC59B19D6CF105347A393A5D4B181D8BC84C819362A56039001C3E114393FE |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 380 |
| Entropy (8bit): | 1.8784775129881184 |
| Encrypted: | false |
| SSDEEP: | 6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWW |
| MD5: | 9FE07A071FDA31327FA322B32FCA0B7E |
| SHA1: | A3E0BAE8853A163C9BB55F68616C795AAAF462E8 |
| SHA-256: | E02333C0359406998E3FED40B69B61C9D28B2117CF9E6C0239E2E13EC13BA7C8 |
| SHA-512: | 9CCE621CD5B7CFBD899ABCBDD71235776FF9FF7DEA19C67F86E7F0603F7B09CA294CC16B672B742FA9B51387B2F0A501C3446872980BCA69ADE13F2B5677601D |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.149660701139435 |
| Encrypted: | false |
| SSDEEP: | 6:j2S+q2PN723oH+Tcwt8aPrqIFUt8S9XZmw+S93VkwON723oH+Tcwt8amLJ:yjvVaYebL3FUt8C/+u5OaYebQJ |
| MD5: | F870AA258CDBB7086E0A665D4A42C8B3 |
| SHA1: | 6614716BE89E8BFCFCA4BCF042F20E5DA357B9CF |
| SHA-256: | 674AAA0A3522C32283AF689FF5F85B5E4CB9B4679FC18D94526816B99E9E6D62 |
| SHA-512: | 07D4602944BFA562E8D559BE9617D98E7327593CFAF5B784A9F732DD7FD27754BE0DE73961E8863ECB33FC92AC6B3536E0BC53E7632648360638AEEA30C44A23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.149660701139435 |
| Encrypted: | false |
| SSDEEP: | 6:j2S+q2PN723oH+Tcwt8aPrqIFUt8S9XZmw+S93VkwON723oH+Tcwt8amLJ:yjvVaYebL3FUt8C/+u5OaYebQJ |
| MD5: | F870AA258CDBB7086E0A665D4A42C8B3 |
| SHA1: | 6614716BE89E8BFCFCA4BCF042F20E5DA357B9CF |
| SHA-256: | 674AAA0A3522C32283AF689FF5F85B5E4CB9B4679FC18D94526816B99E9E6D62 |
| SHA-512: | 07D4602944BFA562E8D559BE9617D98E7327593CFAF5B784A9F732DD7FD27754BE0DE73961E8863ECB33FC92AC6B3536E0BC53E7632648360638AEEA30C44A23 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 380 |
| Entropy (8bit): | 1.8784775129881184 |
| Encrypted: | false |
| SSDEEP: | 6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWW |
| MD5: | 9FE07A071FDA31327FA322B32FCA0B7E |
| SHA1: | A3E0BAE8853A163C9BB55F68616C795AAAF462E8 |
| SHA-256: | E02333C0359406998E3FED40B69B61C9D28B2117CF9E6C0239E2E13EC13BA7C8 |
| SHA-512: | 9CCE621CD5B7CFBD899ABCBDD71235776FF9FF7DEA19C67F86E7F0603F7B09CA294CC16B672B742FA9B51387B2F0A501C3446872980BCA69ADE13F2B5677601D |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 332 |
| Entropy (8bit): | 5.15904707792414 |
| Encrypted: | false |
| SSDEEP: | 6:j7sN+q2PN723oH+Tcwt865IFUt8S5tWtZZmw+S3wVkwON723oH+Tcwt86+ULJ:kIvVaYeb/WFUt8ctWtZ/+x5OaYeb/+SJ |
| MD5: | 42C443A0F0F4AD605FC9D38D4964F5CE |
| SHA1: | C2C3B274875805AE339F0B92A23D2363A21ECB7C |
| SHA-256: | 6C08CE37FDAF41352C740E3A4753FD325CAAEF97AE2C4CD98B66BA689FE77F1A |
| SHA-512: | 1E46DF29615651A53254E03633C6D7BACD9A83F163B5A7384F58C44D3209C22EDD291341DA0F4AC9B6C2E3D525977DD311FA39720F7420FBBF8477459784BB60 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 332 |
| Entropy (8bit): | 5.15904707792414 |
| Encrypted: | false |
| SSDEEP: | 6:j7sN+q2PN723oH+Tcwt865IFUt8S5tWtZZmw+S3wVkwON723oH+Tcwt86+ULJ:kIvVaYeb/WFUt8ctWtZ/+x5OaYeb/+SJ |
| MD5: | 42C443A0F0F4AD605FC9D38D4964F5CE |
| SHA1: | C2C3B274875805AE339F0B92A23D2363A21ECB7C |
| SHA-256: | 6C08CE37FDAF41352C740E3A4753FD325CAAEF97AE2C4CD98B66BA689FE77F1A |
| SHA-512: | 1E46DF29615651A53254E03633C6D7BACD9A83F163B5A7384F58C44D3209C22EDD291341DA0F4AC9B6C2E3D525977DD311FA39720F7420FBBF8477459784BB60 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1140 |
| Entropy (8bit): | 1.8784775129881184 |
| Encrypted: | false |
| SSDEEP: | 12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW: |
| MD5: | 914FD8DC5F9A741C6947E1AB12A9D113 |
| SHA1: | 6529EFE14E7B0BEA47D78B147243096408CDAAE4 |
| SHA-256: | 8BE3C96EE64B5D2768057EA1C4D1A70F40A0041585F3173806E2278E9300960B |
| SHA-512: | 2862BF83C061414EFA2AC035FFC25BA9C4ED523B430FDEEED4974F55D4450A62766C2E799D0ACDB8269210078547048ACAABFD78EDE6AB91133E30F6B5EBFFBD |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.190850703538519 |
| Encrypted: | false |
| SSDEEP: | 6:jc+q2PN723oH+Tcwt8NIFUt8SauIZmw+SbTkwON723oH+Tcwt8+eLJ:Q+vVaYebpFUt8aI/+25OaYebqJ |
| MD5: | 45F7D798139C43562871A6B15743D3A4 |
| SHA1: | 0A071AE8283F8F7D48C87D8E9E73973CEBBAA6B9 |
| SHA-256: | AC3F0B4117FC390B73B16972F2603D9C7F061C4BBEED25849C7625147B083D38 |
| SHA-512: | 5D5CB661DDB313935D122023C497992CB52DD25F30840DCA9468B2A65C1130593EC35851DC7806261419ABA33D5027F6C4EF00B73FC8C4E3DBAE9B7CA048C19D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.190850703538519 |
| Encrypted: | false |
| SSDEEP: | 6:jc+q2PN723oH+Tcwt8NIFUt8SauIZmw+SbTkwON723oH+Tcwt8+eLJ:Q+vVaYebpFUt8aI/+25OaYebqJ |
| MD5: | 45F7D798139C43562871A6B15743D3A4 |
| SHA1: | 0A071AE8283F8F7D48C87D8E9E73973CEBBAA6B9 |
| SHA-256: | AC3F0B4117FC390B73B16972F2603D9C7F061C4BBEED25849C7625147B083D38 |
| SHA-512: | 5D5CB661DDB313935D122023C497992CB52DD25F30840DCA9468B2A65C1130593EC35851DC7806261419ABA33D5027F6C4EF00B73FC8C4E3DBAE9B7CA048C19D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF3b17e.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.190850703538519 |
| Encrypted: | false |
| SSDEEP: | 6:jc+q2PN723oH+Tcwt8NIFUt8SauIZmw+SbTkwON723oH+Tcwt8+eLJ:Q+vVaYebpFUt8aI/+25OaYebqJ |
| MD5: | 45F7D798139C43562871A6B15743D3A4 |
| SHA1: | 0A071AE8283F8F7D48C87D8E9E73973CEBBAA6B9 |
| SHA-256: | AC3F0B4117FC390B73B16972F2603D9C7F061C4BBEED25849C7625147B083D38 |
| SHA-512: | 5D5CB661DDB313935D122023C497992CB52DD25F30840DCA9468B2A65C1130593EC35851DC7806261419ABA33D5027F6C4EF00B73FC8C4E3DBAE9B7CA048C19D |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 340 |
| Entropy (8bit): | 5.154162523092152 |
| Encrypted: | false |
| SSDEEP: | 6:jtRZ0Vq2PN723oH+Tcwt8a2jMGIFUt8StRGug0gZmw+StR65IkwON723oH+Tcwtw:pMvVaYeb8EFUt819/+w5OaYeb8bJ |
| MD5: | EBCA932DF8C73ADCEDB4C67A0CF0534F |
| SHA1: | 6CBBB98FDCA62CC89711F1425B6435722998CDE1 |
| SHA-256: | 624CB19A236D6AFFF3442E2C989ADF749272E866289DB26F80CFF234A38A578D |
| SHA-512: | 1158ECD8AF01BD2D4D5619EBDDB923D0625F9AC16E66520D5A967B81A418497BA8B85BF56E73BE82043B60183F8D9CC938B80552EB39B02157C29AA19F125576 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 340 |
| Entropy (8bit): | 5.154162523092152 |
| Encrypted: | false |
| SSDEEP: | 6:jtRZ0Vq2PN723oH+Tcwt8a2jMGIFUt8StRGug0gZmw+StR65IkwON723oH+Tcwtw:pMvVaYeb8EFUt819/+w5OaYeb8bJ |
| MD5: | EBCA932DF8C73ADCEDB4C67A0CF0534F |
| SHA1: | 6CBBB98FDCA62CC89711F1425B6435722998CDE1 |
| SHA-256: | 624CB19A236D6AFFF3442E2C989ADF749272E866289DB26F80CFF234A38A578D |
| SHA-512: | 1158ECD8AF01BD2D4D5619EBDDB923D0625F9AC16E66520D5A967B81A418497BA8B85BF56E73BE82043B60183F8D9CC938B80552EB39B02157C29AA19F125576 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\807fc8f5-7901-4b82-ad82-eb86b7338b0f.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 61 |
| Entropy (8bit): | 3.926136109079379 |
| Encrypted: | false |
| SSDEEP: | 3:YLb9N+eAXRfHDH2LSL:YHpoeSL |
| MD5: | 4DF4574BFBB7E0B0BC56C2C9B12B6C47 |
| SHA1: | 81EFCBD3E3DA8221444A21F45305AF6FA4B71907 |
| SHA-256: | E1B77550222C2451772C958E44026ABE518A2C8766862F331765788DDD196377 |
| SHA-512: | 78B14F60F2D80400FE50360CF303A961685396B7697775D078825A29B717081442D357C2039AD0984D4B622976B0314EDE8F478CDE320DAEC118DA546CB0682A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 61 |
| Entropy (8bit): | 3.926136109079379 |
| Encrypted: | false |
| SSDEEP: | 3:YLb9N+eAXRfHDH2LSL:YHpoeSL |
| MD5: | 4DF4574BFBB7E0B0BC56C2C9B12B6C47 |
| SHA1: | 81EFCBD3E3DA8221444A21F45305AF6FA4B71907 |
| SHA-256: | E1B77550222C2451772C958E44026ABE518A2C8766862F331765788DDD196377 |
| SHA-512: | 78B14F60F2D80400FE50360CF303A961685396B7697775D078825A29B717081442D357C2039AD0984D4B622976B0314EDE8F478CDE320DAEC118DA546CB0682A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b1ec4287-c0a4-4ea1-98ce-ee1ad8af3dcf.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2 |
| Entropy (8bit): | 1.0 |
| Encrypted: | false |
| SSDEEP: | 3:H:H |
| MD5: | D751713988987E9331980363E24189CE |
| SHA1: | 97D170E1550EEE4AFC0AF065B78CDA302A97674C |
| SHA-256: | 4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945 |
| SHA-512: | B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 7818 |
| Entropy (8bit): | 5.084896917442598 |
| Encrypted: | false |
| SSDEEP: | 96:stpqKos13bDcwfiwXnMwjTrEm8z0sY5eh6Cb7/x+6MhmuecmAeZdDUqCML/EJ:stpost6wFvrEmk0sY8bV+FiAYUqbLMJ |
| MD5: | 1280802A2362D2984CB2966B742E5D90 |
| SHA1: | E6011DF6D89F8BCD2F8834F77CFB432595A5BFB5 |
| SHA-256: | F8D374DE2F817CA7E4F5C11CA9773DA28D68ADFB3C23D41A1F339208B7002184 |
| SHA-512: | 58670202F9B669D193E72A0C65FDB37D710F5A5009014594D7140D7A0B36FB669C69C0FCCD25D1D151127FE8F72ED760E00C882079A66EAC18AB61501B395A22 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3b2c7.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 7818 |
| Entropy (8bit): | 5.084896917442598 |
| Encrypted: | false |
| SSDEEP: | 96:stpqKos13bDcwfiwXnMwjTrEm8z0sY5eh6Cb7/x+6MhmuecmAeZdDUqCML/EJ:stpost6wFvrEmk0sY8bV+FiAYUqbLMJ |
| MD5: | 1280802A2362D2984CB2966B742E5D90 |
| SHA1: | E6011DF6D89F8BCD2F8834F77CFB432595A5BFB5 |
| SHA-256: | F8D374DE2F817CA7E4F5C11CA9773DA28D68ADFB3C23D41A1F339208B7002184 |
| SHA-512: | 58670202F9B669D193E72A0C65FDB37D710F5A5009014594D7140D7A0B36FB669C69C0FCCD25D1D151127FE8F72ED760E00C882079A66EAC18AB61501B395A22 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24691 |
| Entropy (8bit): | 5.568516254732926 |
| Encrypted: | false |
| SSDEEP: | 768:9VS4cXWa3W5wNgf44L8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPeuIYl1prwXU4pFtZ:9YFXN3WaNgfFLu1jazkTaFtZ |
| MD5: | 99A3F6D1E6B37FA8D7FB468AC3B7A409 |
| SHA1: | 993BD71BCB791109DCFECFCB8426812C169012B8 |
| SHA-256: | 39B5B6401AFAD6B911C00773C4F51BDC929EF8E8657E26A60EB4B50BFEF6ACE8 |
| SHA-512: | B35ED372D1C134FCB789B7539CF8D435E82BB930CAE42249C4380461677CEA443517F6DF055673E91E0DF3A66D1B8BAA99A6B8B992E2CD9355B86D394919209C |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.119188345630578 |
| Encrypted: | false |
| SSDEEP: | 6:jtR+PSVq2PN723oH+TcwtrQMxIFUt8StR8qgZmw+StR6ug0IkwON723oH+Tcwtrb:9vVaYebCFUt8dP/+C45OaYebtJ |
| MD5: | BC6EF8CC3CEACE318040FCE63CBEA45E |
| SHA1: | E61136CC1C4587BE4E00AA1B9FFFB42D12D187E5 |
| SHA-256: | 15191C811ACC15EF04E20BC24D61E6E6940019EED5D777D44238F5609932FF3E |
| SHA-512: | 9E07181DB7072825862DF81F937050495ABB0ED0A49B3BA0B5490CBBCB83144A66B5ABB90BA2F25443F00FB5F4B739861C2A73B48A70002B180540DCF032AC21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.119188345630578 |
| Encrypted: | false |
| SSDEEP: | 6:jtR+PSVq2PN723oH+TcwtrQMxIFUt8StR8qgZmw+StR6ug0IkwON723oH+Tcwtrb:9vVaYebCFUt8dP/+C45OaYebtJ |
| MD5: | BC6EF8CC3CEACE318040FCE63CBEA45E |
| SHA1: | E61136CC1C4587BE4E00AA1B9FFFB42D12D187E5 |
| SHA-256: | 15191C811ACC15EF04E20BC24D61E6E6940019EED5D777D44238F5609932FF3E |
| SHA-512: | 9E07181DB7072825862DF81F937050495ABB0ED0A49B3BA0B5490CBBCB83144A66B5ABB90BA2F25443F00FB5F4B739861C2A73B48A70002B180540DCF032AC21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 356 |
| Entropy (8bit): | 5.155578431060995 |
| Encrypted: | false |
| SSDEEP: | 6:jv4q2PN723oH+Tcwt7Uh2ghZIFUt8SvJZmw+SvDkwON723oH+Tcwt7Uh2gnLJ:cvVaYebIhHh2FUt86/+G5OaYebIhHLJ |
| MD5: | 628E6B685837E05720D686B2EB70AAB9 |
| SHA1: | 6A137592E6D31A5A495CD777DF2162CC4C246005 |
| SHA-256: | BAB90E44386A2DB5D240FAC57E8975D061D862F2850ED72B85E0450C3D111B68 |
| SHA-512: | CAE699AE49438811F247E1EE86F2302AB338B8833E57B9AAF111A8BEB335A3B44EA6CBA436AF2430373601B46E472D702976056777BFE8CE8DC2D871AE6AB43A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 356 |
| Entropy (8bit): | 5.155578431060995 |
| Encrypted: | false |
| SSDEEP: | 6:jv4q2PN723oH+Tcwt7Uh2ghZIFUt8SvJZmw+SvDkwON723oH+Tcwt7Uh2gnLJ:cvVaYebIhHh2FUt86/+G5OaYebIhHLJ |
| MD5: | 628E6B685837E05720D686B2EB70AAB9 |
| SHA1: | 6A137592E6D31A5A495CD777DF2162CC4C246005 |
| SHA-256: | BAB90E44386A2DB5D240FAC57E8975D061D862F2850ED72B85E0450C3D111B68 |
| SHA-512: | CAE699AE49438811F247E1EE86F2302AB338B8833E57B9AAF111A8BEB335A3B44EA6CBA436AF2430373601B46E472D702976056777BFE8CE8DC2D871AE6AB43A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF3b140.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 356 |
| Entropy (8bit): | 5.155578431060995 |
| Encrypted: | false |
| SSDEEP: | 6:jv4q2PN723oH+Tcwt7Uh2ghZIFUt8SvJZmw+SvDkwON723oH+Tcwt7Uh2gnLJ:cvVaYebIhHh2FUt86/+G5OaYebIhHLJ |
| MD5: | 628E6B685837E05720D686B2EB70AAB9 |
| SHA1: | 6A137592E6D31A5A495CD777DF2162CC4C246005 |
| SHA-256: | BAB90E44386A2DB5D240FAC57E8975D061D862F2850ED72B85E0450C3D111B68 |
| SHA-512: | CAE699AE49438811F247E1EE86F2302AB338B8833E57B9AAF111A8BEB335A3B44EA6CBA436AF2430373601B46E472D702976056777BFE8CE8DC2D871AE6AB43A |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 280 |
| Entropy (8bit): | 5.238812921818751 |
| Encrypted: | false |
| SSDEEP: | 6:jtRQ3ScSPRqN723oH+TcwtzjqEKj0QMxIFUfQV/EXTwbEu:g3SxEaYebvqBZFUIuDwB |
| MD5: | 3791174F2916138939EB9A978E2E1471 |
| SHA1: | CA590E9D35E054F6F55F4FF3B1F84F28C9A530A1 |
| SHA-256: | 3AB843B8505C89E3CE84792C4E746E76869EBB32C8040A280B8375E011A4BA81 |
| SHA-512: | A7CBDA880ED25602B523BBD707BDB355799A76D533CC5259C8048C9C48C4FAF2E1954D3EB148557E258EB6C60FEB3BF85123E5D8EA8F0D7EFE495F6CD035E20B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 280 |
| Entropy (8bit): | 5.238812921818751 |
| Encrypted: | false |
| SSDEEP: | 6:jtRQ3ScSPRqN723oH+TcwtzjqEKj0QMxIFUfQV/EXTwbEu:g3SxEaYebvqBZFUIuDwB |
| MD5: | 3791174F2916138939EB9A978E2E1471 |
| SHA1: | CA590E9D35E054F6F55F4FF3B1F84F28C9A530A1 |
| SHA-256: | 3AB843B8505C89E3CE84792C4E746E76869EBB32C8040A280B8375E011A4BA81 |
| SHA-512: | A7CBDA880ED25602B523BBD707BDB355799A76D533CC5259C8048C9C48C4FAF2E1954D3EB148557E258EB6C60FEB3BF85123E5D8EA8F0D7EFE495F6CD035E20B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 332 |
| Entropy (8bit): | 5.231492384272724 |
| Encrypted: | false |
| SSDEEP: | 6:jPjHN+q2PN723oH+TcwtpIFUt8SPjHZZmw+S6wVkwON723oH+Tcwta/WLJ:7jovVaYebmFUt84j5/+s5OaYebaUJ |
| MD5: | C7DBBB0CA8BEE6F1C4443FCAC2F58E80 |
| SHA1: | BDB99A7CD6611CFB73EC8C7819CF7891C886F0CC |
| SHA-256: | DFBEB646C4873E7941BFA72591736450E854BAA58E066FA129366BB090E06CFF |
| SHA-512: | 341846EB6A14E2547B291430759F5800A56E76C160E6CFB6636EA7EF5E814D1FBB8A3F69FE4D7EC45E7B21C67A39F1B3A1753F53E03EB04F0AFF9B4E25BAA775 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 332 |
| Entropy (8bit): | 5.231492384272724 |
| Encrypted: | false |
| SSDEEP: | 6:jPjHN+q2PN723oH+TcwtpIFUt8SPjHZZmw+S6wVkwON723oH+Tcwta/WLJ:7jovVaYebmFUt84j5/+s5OaYebaUJ |
| MD5: | C7DBBB0CA8BEE6F1C4443FCAC2F58E80 |
| SHA1: | BDB99A7CD6611CFB73EC8C7819CF7891C886F0CC |
| SHA-256: | DFBEB646C4873E7941BFA72591736450E854BAA58E066FA129366BB090E06CFF |
| SHA-512: | 341846EB6A14E2547B291430759F5800A56E76C160E6CFB6636EA7EF5E814D1FBB8A3F69FE4D7EC45E7B21C67A39F1B3A1753F53E03EB04F0AFF9B4E25BAA775 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF3b075.TMP (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 332 |
| Entropy (8bit): | 5.231492384272724 |
| Encrypted: | false |
| SSDEEP: | 6:jPjHN+q2PN723oH+TcwtpIFUt8SPjHZZmw+S6wVkwON723oH+Tcwta/WLJ:7jovVaYebmFUt84j5/+s5OaYebaUJ |
| MD5: | C7DBBB0CA8BEE6F1C4443FCAC2F58E80 |
| SHA1: | BDB99A7CD6611CFB73EC8C7819CF7891C886F0CC |
| SHA-256: | DFBEB646C4873E7941BFA72591736450E854BAA58E066FA129366BB090E06CFF |
| SHA-512: | 341846EB6A14E2547B291430759F5800A56E76C160E6CFB6636EA7EF5E814D1FBB8A3F69FE4D7EC45E7B21C67A39F1B3A1753F53E03EB04F0AFF9B4E25BAA775 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 196608 |
| Entropy (8bit): | 1.1249281078451319 |
| Encrypted: | false |
| SSDEEP: | 384:A2qOB1nxCkfSA1LyKOMq+8iP5GDHP/0j:dq+n0E91LyKOMq+8iP5GLP/0 |
| MD5: | 53D687A985E48D85B4216D0DD556E8E7 |
| SHA1: | DC9E6C88D090CBDB0A3A66A3AD17C4830468DDB0 |
| SHA-256: | 0B76CA8CF3D45CA362FD56E77DAE91266E7E227E4879A31451514903B230490E |
| SHA-512: | CE5E49EFB3E101592039AA8C37BAC54452C5ACC5A122E8B51C3FEAC24D49F60ECEA7D3FE4EA7DD9B53541FB43C94B9CE25332A5EFEAFE3181C68BB6F7AE9EBB0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a14213da-f007-49cc-8edc-01e412cb51a9.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:L:L |
| MD5: | 5058F1AF8388633F609CADB75A75DC9D |
| SHA1: | 3A52CE780950D4D969792A2559CD519D7EE8C727 |
| SHA-256: | CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8 |
| SHA-512: | 0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b3f6fe9e-915a-499f-97ee-f392a62cd479.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:L:L |
| MD5: | 5058F1AF8388633F609CADB75A75DC9D |
| SHA1: | 3A52CE780950D4D969792A2559CD519D7EE8C727 |
| SHA-256: | CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8 |
| SHA-512: | 0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\de3ce702-2aea-4f25-8ee2-d145f77beb33.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 24691 |
| Entropy (8bit): | 5.568516254732926 |
| Encrypted: | false |
| SSDEEP: | 768:9VS4cXWa3W5wNgf44L8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPeuIYl1prwXU4pFtZ:9YFXN3WaNgfFLu1jazkTaFtZ |
| MD5: | 99A3F6D1E6B37FA8D7FB468AC3B7A409 |
| SHA1: | 993BD71BCB791109DCFECFCB8426812C169012B8 |
| SHA-256: | 39B5B6401AFAD6B911C00773C4F51BDC929EF8E8657E26A60EB4B50BFEF6ACE8 |
| SHA-512: | B35ED372D1C134FCB789B7539CF8D435E82BB930CAE42249C4380461677CEA443517F6DF055673E91E0DF3A66D1B8BAA99A6B8B992E2CD9355B86D394919209C |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 45056 |
| Entropy (8bit): | 0.4108834313259155 |
| Encrypted: | false |
| SSDEEP: | 24:TSWUYP5/ZrK/AxH1Aj5sAFWZmasamfDsCBjy8e+ZcI5fc:TnUYVAKAFXX+CcEc |
| MD5: | 8593795778EA3EC8221366AA2FBBA867 |
| SHA1: | 2F307D4925183EA13E7BE637CB93ECAF2BA9810A |
| SHA-256: | F3C17873660988454A5A403D047FCE88379D1FE8917A89C98E6EB940F8929C03 |
| SHA-512: | CC86DD61ACEDA6F2927C4C23CBD6D426F2C8CD1DF65E342C76D07153ACBF801F9B297F8EF182097CBABBDE6A49C90AF0E7A38E49AB53DF3FD2EC2D5BC675099A |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 32768 |
| Entropy (8bit): | 0.04980715022639089 |
| Encrypted: | false |
| SSDEEP: | 6:Gd0ddi8gd0ddi8myL9XCChslotGLNl0ml/XoQDeX:zddHgiddH7pEjVl/XoQ |
| MD5: | 0DCF538A04A10139C2BEF0CD1B1FA9FB |
| SHA1: | C6AED1B5CA0A1ECE6E81CC70CD14AA046162B5D0 |
| SHA-256: | 752A0BD20BD96F5916028A5F87541F11C760FDC19DE38C8BCB16B4C14DF60647 |
| SHA-512: | 49DBC69DFFD0CCAEE055EB9D417412E90EEA4362B57585064E8F89B0911264BA86A06EC01B31B0450027E87AAB4BB2CB0754666F4C81604C152A06C5BE1FE287 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.2477838368371295 |
| Encrypted: | false |
| SSDEEP: | 6:jVWHDM+q2PN723oH+TcwtfrK+IFUt8SyAgZmw+SyADMVkwON723oH+TcwtfrUeLJ:pWHDM+vVaYeb23FUt8kg/+kDMV5OaYet |
| MD5: | 91F1DC7C88BF312B1E3F787F97C56A7C |
| SHA1: | 0AF6D196349CAD1E25C2D02C593200015427C5A9 |
| SHA-256: | A1D1EE5808970F8E42E57C34BC171CA8E2D432898C280F6FFD31E6E88B72EE64 |
| SHA-512: | 023CBA289C7D44CF33547B3561D46B2BB0569A9C7CA13C69C5B28780779CCD6D36FBE2C2F340D66A50A2833F39692B6B360DD8894637F7095056A27C2D4D52EF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 328 |
| Entropy (8bit): | 5.2477838368371295 |
| Encrypted: | false |
| SSDEEP: | 6:jVWHDM+q2PN723oH+TcwtfrK+IFUt8SyAgZmw+SyADMVkwON723oH+TcwtfrUeLJ:pWHDM+vVaYeb23FUt8kg/+kDMV5OaYet |
| MD5: | 91F1DC7C88BF312B1E3F787F97C56A7C |
| SHA1: | 0AF6D196349CAD1E25C2D02C593200015427C5A9 |
| SHA-256: | A1D1EE5808970F8E42E57C34BC171CA8E2D432898C280F6FFD31E6E88B72EE64 |
| SHA-512: | 023CBA289C7D44CF33547B3561D46B2BB0569A9C7CA13C69C5B28780779CCD6D36FBE2C2F340D66A50A2833F39692B6B360DD8894637F7095056A27C2D4D52EF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 816 |
| Entropy (8bit): | 4.0647916882227655 |
| Encrypted: | false |
| SSDEEP: | 12:G0nYUtTNop//z32m5t/yVf9HqlIZfkBA//DtKhKg+rOyBrgxvB1ySxs:G0nYUtypD32m3yWlIZMBA5NgKIvB8Sxs |
| MD5: | 3BE72D8D40752B3A97028FDB2931FABA |
| SHA1: | A27EA4726857A948F0A4B074062B674469A9A371 |
| SHA-256: | 3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902 |
| SHA-512: | 8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 346 |
| Entropy (8bit): | 5.228227682462873 |
| Encrypted: | false |
| SSDEEP: | 6:jdDM+q2PN723oH+TcwtfrzAdIFUt8SdgZmw+SdDMVkwON723oH+TcwtfrzILJ:JDM+vVaYeb9FUt84g/+4DMV5OaYeb2J |
| MD5: | 13B2D210422C0C8E7F44417EF1D80B26 |
| SHA1: | 551802C6BCFE705671E813C9CBF1CF46EA055490 |
| SHA-256: | E3E80B82CAAA6AA0E214DD23B586F1779B79FF06390BD4FE0B247763F0675C7D |
| SHA-512: | A6BEB8945D717A4E5FF36970BC64BA80DC825D6130F3180B30AC45A3B9D9DA65D9E441E8F613D1BB9D92382DB239627AEF021E121A042A733940B307DFB1E41B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 346 |
| Entropy (8bit): | 5.228227682462873 |
| Encrypted: | false |
| SSDEEP: | 6:jdDM+q2PN723oH+TcwtfrzAdIFUt8SdgZmw+SdDMVkwON723oH+TcwtfrzILJ:JDM+vVaYeb9FUt84g/+4DMV5OaYeb2J |
| MD5: | 13B2D210422C0C8E7F44417EF1D80B26 |
| SHA1: | 551802C6BCFE705671E813C9CBF1CF46EA055490 |
| SHA-256: | E3E80B82CAAA6AA0E214DD23B586F1779B79FF06390BD4FE0B247763F0675C7D |
| SHA-512: | A6BEB8945D717A4E5FF36970BC64BA80DC825D6130F3180B30AC45A3B9D9DA65D9E441E8F613D1BB9D92382DB239627AEF021E121A042A733940B307DFB1E41B |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 13 |
| Entropy (8bit): | 2.6612262562697895 |
| Encrypted: | false |
| SSDEEP: | 3:NYLFRQZ:ap2Z |
| MD5: | B64BD80D877645C2DD14265B1A856F8A |
| SHA1: | F7379E1A6F8CE062E891C56736C789C7EA77CD6A |
| SHA-256: | 83476CEEEB7682F41030664B4E17305986878D14E82D0C277FB99EC546B44569 |
| SHA-512: | 734A7316A269C76DD052D980CC0D5209C0BFEDFFC55B11C58FA25C433CE8A42536827298C3E58CACD68CC01593C23D39350E956E8DE2268D8D29918E1F0667F2 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44455 |
| Entropy (8bit): | 6.08978167290333 |
| Encrypted: | false |
| SSDEEP: | 768:+DXzgWPsj/qlGJqIY8GB4kWSdi1zNtPMtkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynyekzItSmd6qE7lFoC |
| MD5: | C254A0753A39279C29328FD5B7522224 |
| SHA1: | CF5A74E5A54F3403A7CAF00A57A28C18FBECF0B4 |
| SHA-256: | FD55EEBC74788896D9CEEB975C013DF18155985D8A344775876596F546D70453 |
| SHA-512: | D11AADB269EB7D25DB115859C399D23ACDCE3075B2D72B9B77C69B2B91FD96794EBD5A6B7D40DEB00B537CFA84C0DAAE114993D48DB63635C60D3A3E54469D83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 270336 |
| Entropy (8bit): | 0.0018238520723782249 |
| Encrypted: | false |
| SSDEEP: | 3:MsEllllkEthXllkl2zEjrrXF:/M/xT02zaXF |
| MD5: | 5193C55BE2D3F5497D7596B39377876D |
| SHA1: | 0A25106CA005623F6E005DEF4567BDC870844F01 |
| SHA-256: | 415D4415888438A6C56F72A4C195BE3D1C61695CAC5B9416495A653A21FDC1A4 |
| SHA-512: | 3962E77786E0712C5DB741442FB24402479FE4AE5E6F63F1A9B0D9A764394E9570CF3338F95DF680E0ED1D289AAE7D7BD6FB67430E2116070E4211B532037E84 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 85 |
| Entropy (8bit): | 4.3488360343066725 |
| Encrypted: | false |
| SSDEEP: | 3:YQ3JYq9xSs0dMEJAELJ25AmIpozQp:YQ3Kq9X0dMgAEiLIj |
| MD5: | 8549C255650427D618EF18B14DFD2B56 |
| SHA1: | 8272585186777B344DB3960DF62B00F570D247F6 |
| SHA-256: | 40395D9CA4B65D48DEAC792844A77D4F8051F1CEF30DF561DACFEEED3C3BAE13 |
| SHA-512: | E5BB8A0AD338372635C3629E306604E3DC5A5C26FB5547A3DD7E404E5261630612C07326E7EBF5B47ABAFADE8E555965A1A59A1EECFC496DCDD5003048898A8C |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f5f16104-5123-4643-a8aa-d55bd7de4610.tmp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 44963 |
| Entropy (8bit): | 6.096088324481052 |
| Encrypted: | false |
| SSDEEP: | 768:yDXzgWPsj/qlGJqIY8GB4xWVpi1zNtTFZJ9lEPFMQPr+uFkKJDSgzMMd6qD47u3S:y/Ps+wsI7yO5FZJbKtSmd6qE7lFoC |
| MD5: | 27999965F12F77463867C37785422461 |
| SHA1: | BAB2428114E1ECBB4359FA69A666F1AB1DB21389 |
| SHA-256: | A98C08C1B629C464BD749EA27F6060360D5A34D3C0606343FA1E7D84C389CE82 |
| SHA-512: | 7F5B8771E4A32E7B4F7084D5FADF7B664E8DB086D0E6286D4120B8F83F762041C735818F19F906CE7226FB23ED4685E51A0AA9897814516E40A9218466DCC19B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2278 |
| Entropy (8bit): | 3.8405554413959466 |
| Encrypted: | false |
| SSDEEP: | 48:uiTrlKxrgxWSxl9Il8uM18s3TJZtvLFK5cZag7Cffd1rc:mV2Y66s3TJjhgcAgr |
| MD5: | 7236DF892F0C542A6F45C5CE2E650AC6 |
| SHA1: | 8AC7681E37ABC6CE4215D5661EE0D1D19F7D8D66 |
| SHA-256: | 9FA2497355FC870CD26F30CFADEAEB15C12BED6D96D562CF4F33A83D75993426 |
| SHA-512: | D775707BD0ABF987F37C244E9DC578138CD56FB4EDC47EF294210CE4C153D3628C51A4BF1285E3F588090C6D2BD06785C6390B3C6261512562C1F0EA07CACA6B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4622 |
| Entropy (8bit): | 4.002280731787969 |
| Encrypted: | false |
| SSDEEP: | 96:mY6Dk05APRlNVrrC5zfhhMqNVDIVPBZECoS+MM:mnT5APpJrC5j3MqNkZZQd |
| MD5: | BA445DB6D53A14D5FCDCFF2E5FF3F32B |
| SHA1: | 82F504EB7521FE62DF15CA02C0CF18005B97C154 |
| SHA-256: | 76E7CF375D00585756E31A1A0BF371C063AFCBD910419A3316D3DF2DB205F13D |
| SHA-512: | E185C8A30B2560D92EA6BF0413701D761490817B7992769DF435B9F356517A378993E312D0E9ADEF063AE2AE723374DAA314278DAA7279E237EA6C02D1DED0F2 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1428 |
| Entropy (8bit): | 5.3943982825133086 |
| Encrypted: | false |
| SSDEEP: | 24:YZGMfJVA/5BGMLfp5BGMz6jT07ncIF5InHI0MY5kUQnA0OpJ5xHRS4L0Mom2J5VJ:Y4MfJVe5wMd5wMe07cIF5Io0MY5kU2A+ |
| MD5: | A9D0D1B9BD0102472FE97C24D6FF5C79 |
| SHA1: | 4101FEBD38358E85DBBA647CBC04D9D137A38B60 |
| SHA-256: | 3B16597754F47A8A018D3B94BD4E3F3FCA2E0563F1FBFB3D5A88D8E9BDB6B3D7 |
| SHA-512: | 0D5707DB6A0DC7A229CE76B9DF3289AABFF59671D40BF3376A1F363359BA6C9FDE20D36D0E9D8A21146DB4070A68E7375F3978E65065745C204B8C7E15D1A39F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1PZ0W9E23LUP31HVCP4L.temp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3888 |
| Entropy (8bit): | 3.5217839733609697 |
| Encrypted: | false |
| SSDEEP: | 48:LOBldOKEEsiW9zBdLXuHxkDph4A1NdOK/EsiW9zngdLXuHxk+21:D3uRkDAOnIuRkz |
| MD5: | 9E76E6FD95AAC889F7A81866F8FADAF8 |
| SHA1: | EF60D9430486485A4E8CD5EFFD09048D9B947F4C |
| SHA-256: | 24F2F75F94A32C7FABC27BC436BAF2DA5803F58F8DD14FD2BE8604A8FC53DA69 |
| SHA-512: | D75474A48A31843AC4D92B67403F6EFBAD2689545AE778EB21E16E05F38F8C33375ABD617DB50D4BF450A95AE6BA83CF4CBE106281A48AB5310BE1EE668FA054 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3888 |
| Entropy (8bit): | 3.5217839733609697 |
| Encrypted: | false |
| SSDEEP: | 48:LOBldOKEEsiW9zBdLXuHxkDph4A1NdOK/EsiW9zngdLXuHxk+21:D3uRkDAOnIuRkz |
| MD5: | 9E76E6FD95AAC889F7A81866F8FADAF8 |
| SHA1: | EF60D9430486485A4E8CD5EFFD09048D9B947F4C |
| SHA-256: | 24F2F75F94A32C7FABC27BC436BAF2DA5803F58F8DD14FD2BE8604A8FC53DA69 |
| SHA-512: | D75474A48A31843AC4D92B67403F6EFBAD2689545AE778EB21E16E05F38F8C33375ABD617DB50D4BF450A95AE6BA83CF4CBE106281A48AB5310BE1EE668FA054 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XJTI755WXG007W07H4RO.temp
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3888 |
| Entropy (8bit): | 3.5191859586437433 |
| Encrypted: | false |
| SSDEEP: | 48:LO1NdOK/EsiW9zBdLXuHxkDph4A1NdOK/EsiW9zngdLXuHxk+21:Y3uRkDAOnIuRkz |
| MD5: | ED848EC9C2D41A8CCFA5F4A9AA7029B8 |
| SHA1: | 4237141F27719A63B62A0ACFD6A812BF73BAF676 |
| SHA-256: | F748F2E2C06CF2DD8463C2A8F3EED543DD808A314F1789EFC8749D117D8FF087 |
| SHA-512: | 9D523DB359A4801C0EDD8825FBC7E936C2AF9EBF5F88B8626DECE276CE4AF4A1975A0BDBF0E66FD9DF0AF81B7273C0FFF59945F57086478931B49E46321E5465 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
Download File
| Process: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3888 |
| Entropy (8bit): | 3.5191859586437433 |
| Encrypted: | false |
| SSDEEP: | 48:LO1NdOK/EsiW9zBdLXuHxkDph4A1NdOK/EsiW9zngdLXuHxk+21:Y3uRkDAOnIuRkz |
| MD5: | ED848EC9C2D41A8CCFA5F4A9AA7029B8 |
| SHA1: | 4237141F27719A63B62A0ACFD6A812BF73BAF676 |
| SHA-256: | F748F2E2C06CF2DD8463C2A8F3EED543DD808A314F1789EFC8749D117D8FF087 |
| SHA-512: | 9D523DB359A4801C0EDD8825FBC7E936C2AF9EBF5F88B8626DECE276CE4AF4A1975A0BDBF0E66FD9DF0AF81B7273C0FFF59945F57086478931B49E46321E5465 |
| Malicious: | false |
| Preview: |
| File type: | |
| Entropy (8bit): | 6.57977142707605 |
| TrID: |
|
| File name: | file.exe |
| File size: | 917'504 bytes |
| MD5: | 4ea77c57cb0e4de372edd5e2d1ae4a82 |
| SHA1: | 0eb5ce10901508bd6617b8312cfbe41e1ebf7b23 |
| SHA256: | accf43f97945d8b74f25174f9b69a8df69bd60386bd1a74ae53bc7c927495bfc |
| SHA512: | 18ac99c993eda51b87a1d342ed735371b94f60195f0ef59ebcb7d0993bbf12602ed46b4612ae7fee4d01ca24dc957ea79ccea403ad998e7f54f829fdfed691dc |
| SSDEEP: | 12288:KqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgacTM:KqDEvCTbMWu7rQYlBQcBiT6rprG8asM |
| TLSH: | 07159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
| File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
 | |
| Icon Hash: | aaf3e3e3938382a0 |
| Entrypoint: | 0x420577 |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x400000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
| DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
| Time Stamp: | 0x66D374B0 [Sat Aug 31 19:53:20 2024 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 5 |
| OS Version Minor: | 1 |
| File Version Major: | 5 |
| File Version Minor: | 1 |
| Subsystem Version Major: | 5 |
| Subsystem Version Minor: | 1 |
| Import Hash: | 948cc502fe9226992dce9417f952fce3 |
| Instruction |
|---|
| call 00007FD3E0DEB313h |
| jmp 00007FD3E0DEAC1Fh |
| push ebp |
| mov ebp, esp |
| push esi |
| push dword ptr [ebp+08h] |
| mov esi, ecx |
| call 00007FD3E0DEADFDh |
| mov dword ptr [esi], 0049FDF0h |
| mov eax, esi |
| pop esi |
| pop ebp |
| retn 0004h |
| and dword ptr [ecx+04h], 00000000h |
| mov eax, ecx |
| and dword ptr [ecx+08h], 00000000h |
| mov dword ptr [ecx+04h], 0049FDF8h |
| mov dword ptr [ecx], 0049FDF0h |
| ret |
| push ebp |
| mov ebp, esp |
| push esi |
| push dword ptr [ebp+08h] |
| mov esi, ecx |
| call 00007FD3E0DEADCAh |
| mov dword ptr [esi], 0049FE0Ch |
| mov eax, esi |
| pop esi |
| pop ebp |
| retn 0004h |
| and dword ptr [ecx+04h], 00000000h |
| mov eax, ecx |
| and dword ptr [ecx+08h], 00000000h |
| mov dword ptr [ecx+04h], 0049FE14h |
| mov dword ptr [ecx], 0049FE0Ch |
| ret |
| push ebp |
| mov ebp, esp |
| push esi |
| mov esi, ecx |
| lea eax, dword ptr [esi+04h] |
| mov dword ptr [esi], 0049FDD0h |
| and dword ptr [eax], 00000000h |
| and dword ptr [eax+04h], 00000000h |
| push eax |
| mov eax, dword ptr [ebp+08h] |
| add eax, 04h |
| push eax |
| call 00007FD3E0DED9BDh |
| pop ecx |
| pop ecx |
| mov eax, esi |
| pop esi |
| pop ebp |
| retn 0004h |
| lea eax, dword ptr [ecx+04h] |
| mov dword ptr [ecx], 0049FDD0h |
| push eax |
| call 00007FD3E0DEDA08h |
| pop ecx |
| ret |
| push ebp |
| mov ebp, esp |
| push esi |
| mov esi, ecx |
| lea eax, dword ptr [esi+04h] |
| mov dword ptr [esi], 0049FDD0h |
| push eax |
| call 00007FD3E0DED9F1h |
| test byte ptr [ebp+08h], 00000001h |
| pop ecx |
| Programming Language: |
|
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x95c8 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0xd4000 | 0x95c8 | 0x9600 | da18dafcfde703c70293ae2aa3426004 | False | 0.28692708333333333 | data | 5.165951190775798 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
| RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
| RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
| RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
| RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
| RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
| RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
| RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
| RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
| RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
| RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
| RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
| RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
| RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
| RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
| RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
| RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
| RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
| RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
| RT_RCDATA | 0xdc7b8 | 0x890 | data | 1.0050182481751824 | ||
| RT_GROUP_ICON | 0xdd048 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
| RT_GROUP_ICON | 0xdd0c0 | 0x14 | data | English | Great Britain | 1.25 |
| RT_GROUP_ICON | 0xdd0d4 | 0x14 | data | English | Great Britain | 1.15 |
| RT_GROUP_ICON | 0xdd0e8 | 0x14 | data | English | Great Britain | 1.25 |
| RT_VERSION | 0xdd0fc | 0xdc | data | English | Great Britain | 0.6181818181818182 |
| RT_MANIFEST | 0xdd1d8 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
| DLL | Import |
|---|---|
| WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
| VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
| WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
| COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
| MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
| WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
| PSAPI.DLL | GetProcessMemoryInfo |
| IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
| USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
| UxTheme.dll | IsThemeActive |
| KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
| USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
| GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
| COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
| ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
| SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
| ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
| OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| English | Great Britain |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Aug 31, 2024 22:05:01.201381922 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:01.201381922 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:01.513876915 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:04.881469965 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:04.881521940 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:04.881648064 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:04.882251024 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:04.882261038 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.708369017 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.708466053 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.713150978 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.713171005 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.713404894 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.716207981 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.716279984 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.716284990 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.716449022 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.760495901 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.890866041 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.891187906 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:05.891259909 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.891396046 CEST | 49710 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:05.891421080 CEST | 443 | 49710 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:10.819710970 CEST | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:10.887341022 CEST | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:11.200208902 CEST | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:12.293030024 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.293052912 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.293142080 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.293468952 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.293482065 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.300335884 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.300362110 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.300441980 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.300688982 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.300704956 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.782439947 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.782537937 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:12.937814951 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.975450039 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:12.991322994 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.999387026 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:12.999396086 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.000463009 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.000474930 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.000528097 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.003443956 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.003456116 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.004671097 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.004740000 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.028755903 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.028871059 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.028886080 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.029081106 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.029457092 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.029476881 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.029531002 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.029541016 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.096800089 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.131045103 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.131097078 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.131118059 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.131128073 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.131172895 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.131172895 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.131469965 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.131524086 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.131809950 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.132361889 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132384062 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132390976 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132412910 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132425070 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132436991 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132436991 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.132448912 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.132509947 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.132509947 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.174263000 CEST | 49729 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.174276114 CEST | 443 | 49729 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.186855078 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:13.186880112 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.186958075 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:13.187613964 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:13.187628031 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.215286970 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.215295076 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.215323925 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.215336084 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.215353966 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.215359926 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.215396881 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.215425014 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.216886997 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.216903925 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.216969967 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.216974974 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.217015982 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.301589012 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.301611900 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.301662922 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.301673889 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.301681042 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.301738977 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.301743984 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.301754951 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.301804066 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.302592993 CEST | 49728 | 443 | 192.168.2.6 | 13.107.246.42 |
| Aug 31, 2024 22:05:13.302601099 CEST | 443 | 49728 | 13.107.246.42 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.361772060 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.361813068 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.361901045 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.362097979 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.362112045 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.362963915 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.363017082 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.363224030 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.363224030 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.363260031 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.364984035 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.364995003 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.365124941 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.365271091 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.365282059 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.366864920 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.366873980 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.366954088 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.367145061 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.367156029 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.425348043 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.425379038 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.425431967 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.426166058 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.426178932 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.821594954 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.821887970 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.821908951 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.822630882 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.822808027 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.822818995 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.823110104 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.823174000 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.823853016 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.823925018 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.824106932 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.824525118 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.824596882 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.825022936 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.825030088 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.825242043 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.825309992 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.825404882 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.825412989 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.825542927 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.825551033 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.826105118 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.826164007 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.826992035 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.827059031 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.827189922 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.827197075 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.843739033 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.843971014 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.843980074 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.844986916 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.845072985 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.846033096 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.846110106 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.846194029 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.846201897 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.871575117 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.871736050 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.887304068 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.904520988 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.904774904 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.904793978 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.906255007 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.906311035 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.907609940 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.907677889 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.907783985 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.940161943 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.940252066 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.940334082 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.940529108 CEST | 49736 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.940543890 CEST | 443 | 49736 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.940550089 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.940625906 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.940746069 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.940913916 CEST | 49733 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:05:13.940927982 CEST | 443 | 49733 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.948503971 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.958641052 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.958703995 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.960963964 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.961023092 CEST | 49734 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.961031914 CEST | 443 | 49734 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.974697113 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.974761009 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.974953890 CEST | 49735 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:13.974966049 CEST | 443 | 49735 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.003194094 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.003277063 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.005462885 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.005474091 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.005753040 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.008313894 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.008384943 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.008390903 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.008510113 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.037151098 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:14.037178993 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.037720919 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.037864923 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:14.038053036 CEST | 49738 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:14.038073063 CEST | 443 | 49738 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.056507111 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.119844913 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:14.119873047 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.120083094 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:14.123333931 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:14.123347044 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.183568954 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.183741093 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.183801889 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.183933020 CEST | 49732 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:14.183948994 CEST | 443 | 49732 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.765703917 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.765780926 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:14.817950010 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:14.817965984 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.818392038 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.862986088 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.011758089 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.011796951 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.011857033 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.012237072 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.012278080 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.012331963 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.014262915 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.014275074 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.014506102 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.014518976 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.052392006 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.092505932 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.237262011 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.237369061 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.237477064 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.254563093 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.254563093 CEST | 49741 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.254580975 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.254590988 CEST | 443 | 49741 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.465965986 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.495193958 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.513226032 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.547605038 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.641038895 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.641051054 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.641375065 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.641400099 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.641469955 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.642060041 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.643450022 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.643583059 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.668354034 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.668477058 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.693550110 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.708904028 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.780853987 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:15.780878067 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.781011105 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:15.781043053 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.781084061 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:15.781094074 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:15.781265020 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:15.781277895 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.781392097 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:15.781409025 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.841048002 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.841059923 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.841161966 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.841563940 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:15.841577053 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.254549980 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.254909039 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.254924059 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.255496025 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.255597115 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.256419897 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.256484985 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.257857084 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.257989883 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.258243084 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.258251905 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.258900881 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.259099007 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.259125948 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.259515047 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.259572029 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.260277987 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.260334969 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.260508060 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.260574102 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.260679007 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.260688066 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.311155081 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.311170101 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.321779013 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.321825027 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.321933985 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.322150946 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.322164059 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.365122080 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.365220070 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.365283966 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.365824938 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.365843058 CEST | 443 | 49744 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.365861893 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.365935087 CEST | 49744 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.372502089 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.372576952 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.372632027 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.373167038 CEST | 49745 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.373183966 CEST | 443 | 49745 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.479329109 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.479413033 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:16.481502056 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:16.481512070 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.481798887 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.483990908 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:16.524503946 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.669975996 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.670008898 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.670084953 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.670340061 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.670356035 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.685200930 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.685235023 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.685555935 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.685833931 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.685858965 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.754544020 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.754597902 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.754749060 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:16.755609989 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:16.755609989 CEST | 49746 | 443 | 192.168.2.6 | 184.28.90.27 |
| Aug 31, 2024 22:05:16.755626917 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.755636930 CEST | 443 | 49746 | 184.28.90.27 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.784943104 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.785239935 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.785259962 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.786283016 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.786349058 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.787733078 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.787798882 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.787920952 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.787931919 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.841490984 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.883239985 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.883317947 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.883348942 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.883378983 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.883373976 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.883399963 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.883424997 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.883486032 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.883544922 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.884689093 CEST | 49747 | 443 | 192.168.2.6 | 142.250.80.4 |
| Aug 31, 2024 22:05:16.884711981 CEST | 443 | 49747 | 142.250.80.4 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.147073030 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.147378922 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.147398949 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.147810936 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.147886038 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.148566961 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.148622990 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.148947001 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.149018049 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.172996998 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.173322916 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.173336029 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.173716068 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.173777103 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.174434900 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.174488068 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.174711943 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.174773932 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.199331045 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.199341059 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.214943886 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.214953899 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:17.246176004 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.261807919 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:21.226710081 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:21.226735115 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:21.226813078 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:21.227916956 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:21.227931976 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:21.922451973 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:21.922522068 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:21.924058914 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:21.924068928 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:21.924314022 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:21.965902090 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:21.986747026 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.032507896 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211024046 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211052895 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211060047 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211070061 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211093903 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211121082 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.211136103 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211150885 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.211180925 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.211251020 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211302042 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.211308956 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211401939 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.211474895 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.223843098 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.223858118 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:22.223917007 CEST | 49750 | 443 | 192.168.2.6 | 13.85.23.86 |
| Aug 31, 2024 22:05:22.223926067 CEST | 443 | 49750 | 13.85.23.86 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.377842903 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:25.377939939 CEST | 49705 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:25.378449917 CEST | 49754 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:25.378510952 CEST | 443 | 49754 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.378750086 CEST | 49754 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:25.379151106 CEST | 49754 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:25.379164934 CEST | 443 | 49754 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.382931948 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.383284092 CEST | 443 | 49705 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.680835009 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:25.680880070 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.681046963 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:25.681750059 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:25.681766033 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.991861105 CEST | 443 | 49754 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:25.991940022 CEST | 49754 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:26.461930990 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.461990118 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.467914104 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.467926025 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.468127012 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.470216036 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.470294952 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.470299006 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.470701933 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.512501955 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.640506983 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.640594959 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:26.640644073 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.640774012 CEST | 49755 | 443 | 192.168.2.6 | 40.113.110.67 |
| Aug 31, 2024 22:05:26.640786886 CEST | 443 | 49755 | 40.113.110.67 | 192.168.2.6 |
| Aug 31, 2024 22:05:30.376842976 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:30.376952887 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:30.377002954 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:30.399975061 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:30.400053978 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:30.400099039 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:45.153799057 CEST | 443 | 49754 | 173.222.162.64 | 192.168.2.6 |
| Aug 31, 2024 22:05:45.153911114 CEST | 49754 | 443 | 192.168.2.6 | 173.222.162.64 |
| Aug 31, 2024 22:05:45.247262955 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:45.247318983 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:45.247394085 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:45.248086929 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:45.248106003 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.029726982 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.029849052 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.031611919 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.031625986 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.031858921 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.033356905 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.033421993 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.033430099 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.033552885 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.080518007 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.206162930 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.206671953 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.206779003 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.235788107 CEST | 49756 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:05:46.235830069 CEST | 443 | 49756 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:05:58.624489069 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:58.624509096 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:58.624581099 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:58.624964952 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:58.624977112 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.240148067 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.240246058 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.241801977 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.241811991 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.242109060 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.250103951 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.296508074 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.455480099 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.455504894 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.455517054 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.455730915 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.455748081 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.455868006 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.456423044 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.456459999 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.456523895 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.456528902 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.456568003 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.456619978 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.456686974 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.468390942 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.468406916 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:05:59.468429089 CEST | 49757 | 443 | 192.168.2.6 | 20.12.23.50 |
| Aug 31, 2024 22:05:59.468434095 CEST | 443 | 49757 | 20.12.23.50 | 192.168.2.6 |
| Aug 31, 2024 22:06:02.200648069 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:06:02.200690031 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:02.216303110 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:06:02.216317892 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:07.878926039 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:07.878946066 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:07.879038095 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:07.879209995 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:07.879241943 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:07.879297018 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:07.879481077 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:07.879493952 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:07.879627943 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:07.879640102 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.333837986 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.334176064 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.334202051 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.334546089 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.334861040 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.334932089 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.354368925 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.354588985 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.354608059 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.354970932 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.355271101 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.355331898 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.388192892 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.403801918 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:09.951430082 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:09.951483011 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:09.951550961 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:09.951739073 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:09.951745987 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:09.951797962 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:09.951937914 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:09.951955080 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:09.952065945 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:09.952076912 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.407776117 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.408358097 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.408368111 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.408915997 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.409447908 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.409538031 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.409832954 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.413614035 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.413850069 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.413858891 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.414199114 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.414632082 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.414697886 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.414891958 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.456502914 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.460503101 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.537339926 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.537412882 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.537482977 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.537910938 CEST | 49761 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.537933111 CEST | 443 | 49761 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.545510054 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.545588017 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.545639992 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.545754910 CEST | 49762 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.545762062 CEST | 443 | 49762 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:11.600677013 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:11.600724936 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:11.600792885 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:11.601587057 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:11.601603031 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.382356882 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.382527113 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.384300947 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.384315014 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.384574890 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.386477947 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.386543036 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.386550903 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.386682034 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.432502985 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.561758041 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.561880112 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:12.562000036 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.562315941 CEST | 49764 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:12.562330961 CEST | 443 | 49764 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:15.387008905 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:15.387047052 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:15.402616024 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:15.402643919 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:23.248234987 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:23.248303890 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:23.248450994 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:23.260401011 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:23.260471106 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:23.260528088 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:40.896461964 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:40.896529913 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:40.896610975 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:40.897193909 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:40.897209883 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:41.906127930 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:41.906238079 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:41.910749912 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:41.910763979 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:41.911017895 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:41.912898064 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:41.912962914 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:41.912966967 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:41.913089991 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:41.960493088 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:42.092324018 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:42.093044996 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:42.093127012 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:42.093415022 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:42.093436956 CEST | 443 | 49766 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:06:42.093449116 CEST | 49766 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:06:47.215631962 CEST | 49748 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:06:47.215657949 CEST | 443 | 49748 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:47.221609116 CEST | 49749 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:06:47.221621990 CEST | 443 | 49749 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:07:00.403129101 CEST | 49743 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:07:00.403170109 CEST | 443 | 49743 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:07:00.418731928 CEST | 49742 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:07:00.418756962 CEST | 443 | 49742 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:07:08.248682022 CEST | 49759 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:07:08.248713017 CEST | 443 | 49759 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:07:08.264456987 CEST | 49758 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:07:08.264491081 CEST | 443 | 49758 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:07:12.975863934 CEST | 49767 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:07:12.975925922 CEST | 443 | 49767 | 40.113.103.199 | 192.168.2.6 |
| Aug 31, 2024 22:07:12.976005077 CEST | 49767 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:07:12.976737022 CEST | 49767 | 443 | 192.168.2.6 | 40.113.103.199 |
| Aug 31, 2024 22:07:12.976756096 CEST | 443 | 49767 | 40.113.103.199 | 192.168.2.6 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Aug 31, 2024 22:05:09.012178898 CEST | 53 | 63026 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:09.950236082 CEST | 65291 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:09.950416088 CEST | 64943 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:11.501440048 CEST | 53 | 55247 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:11.505796909 CEST | 53 | 51101 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.354222059 CEST | 53998 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.354535103 CEST | 52125 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.355182886 CEST | 51190 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.355312109 CEST | 53938 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.356575966 CEST | 62561 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.356889009 CEST | 58755 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.359323978 CEST | 55639 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.359556913 CEST | 50412 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.360976934 CEST | 53 | 53998 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.361207962 CEST | 53 | 52125 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.362260103 CEST | 53 | 53938 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.362520933 CEST | 53 | 51190 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.363781929 CEST | 53 | 58755 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.364535093 CEST | 53 | 62561 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.365973949 CEST | 53 | 55639 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.366485119 CEST | 53 | 50412 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.415457964 CEST | 61334 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.415604115 CEST | 54576 | 53 | 192.168.2.6 | 1.1.1.1 |
| Aug 31, 2024 22:05:13.423568964 CEST | 53 | 54576 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:13.424881935 CEST | 53 | 61334 | 1.1.1.1 | 192.168.2.6 |
| Aug 31, 2024 22:05:14.689512968 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.008953094 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.154555082 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.154576063 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.154583931 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.154589891 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.154598951 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.168102026 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.171776056 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.172904015 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.173046112 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.173362017 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.174053907 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.272469044 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.272505999 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.272965908 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.272970915 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.273448944 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.273974895 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.274699926 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.304410934 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.304594994 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.304749966 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.403489113 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.656547070 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.670121908 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.678262949 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.678385973 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:15.779015064 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.779575109 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.780016899 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:15.780281067 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:16.219172955 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:16.219754934 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:16.319974899 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.320694923 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.320832014 CEST | 443 | 64142 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.321326017 CEST | 64142 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:05:16.367456913 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.669636965 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.810828924 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.810843945 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.811376095 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.817363977 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.817375898 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.817387104 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.817399979 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.817617893 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.818308115 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.819297075 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.819439888 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.819868088 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.819907904 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.827079058 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.912897110 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.912909985 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.913261890 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.913537979 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.921061039 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.921272039 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.939161062 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.939409971 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.950622082 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.950788975 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:16.954499006 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:16.982995033 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:17.047805071 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:24.475377083 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:24.475446939 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:24.572182894 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:24.606148958 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:24.616374969 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:24.616985083 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:24.741954088 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:45.780656099 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:45.780704021 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:45.874562025 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:45.888664007 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:45.888737917 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:45.889060020 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:45.919312954 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.007837057 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.577392101 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.684519053 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.684540987 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.684925079 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.713855028 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.816178083 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.843816042 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.843853951 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.937757969 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.952497959 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.952598095 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:05:46.952770948 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:46.982139111 CEST | 53169 | 443 | 192.168.2.6 | 142.251.40.238 |
| Aug 31, 2024 22:05:47.070976019 CEST | 443 | 53169 | 142.251.40.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:07.878647089 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.187335014 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.329096079 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.329111099 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.329123974 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.329142094 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.329158068 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.329833031 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.331854105 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.331981897 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.332289934 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.332415104 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.428092003 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.428109884 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.428118944 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.428127050 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.428533077 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.428601027 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.429393053 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.430413961 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.430489063 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.430665016 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.524092913 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.560249090 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:08.734355927 CEST | 443 | 61841 | 172.64.41.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:08.763442993 CEST | 61841 | 443 | 192.168.2.6 | 172.64.41.3 |
| Aug 31, 2024 22:06:09.951179028 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.343914986 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.417851925 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.417866945 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.418004036 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.418016911 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.418283939 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.420120955 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.420232058 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.438843012 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.515214920 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.515233040 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.515240908 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.515254021 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.515655041 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.515723944 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:10.609586000 CEST | 443 | 51873 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:10.652796984 CEST | 51873 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:16.923620939 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:16.923772097 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:16.924101114 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:16.924221992 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.382981062 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.393862009 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.431227922 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.488096952 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.488126993 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.488137960 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.488147974 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.488907099 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.489001989 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.490124941 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.490256071 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.583110094 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.583481073 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.584935904 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.585810900 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.585942984 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.586236000 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.586918116 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:17.587042093 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:17.678910017 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.679523945 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.679703951 CEST | 443 | 56716 | 162.159.61.3 | 192.168.2.6 |
| Aug 31, 2024 22:06:17.680241108 CEST | 56716 | 443 | 192.168.2.6 | 162.159.61.3 |
| Aug 31, 2024 22:06:17.682744026 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:17.683165073 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.050239086 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.051939964 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.052088022 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.052103996 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.052114964 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.052424908 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.052587986 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.053179026 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.053652048 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.154217005 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.154479980 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.155081034 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.155678988 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.155689955 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.156297922 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.159956932 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.160463095 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.160536051 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.160593033 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.160813093 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.160825014 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.160960913 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.160972118 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.185112000 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.192653894 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.192939043 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.193607092 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.193615913 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.194048882 CEST | 53583 | 443 | 192.168.2.6 | 172.253.63.84 |
| Aug 31, 2024 22:06:18.260143995 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.260454893 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.260639906 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.260823965 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.260910988 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.260920048 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.261064053 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.261106968 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.274748087 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.274759054 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.274766922 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.274775028 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.275177002 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.275249958 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.275315046 CEST | 58457 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:18.316529989 CEST | 443 | 53583 | 172.253.63.84 | 192.168.2.6 |
| Aug 31, 2024 22:06:18.376306057 CEST | 443 | 58457 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.073414087 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.073602915 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.529512882 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.529573917 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.538757086 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.538757086 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.539108992 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.539124012 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.539252043 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.539273024 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.547779083 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.632900000 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.633416891 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.633524895 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.633601904 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.633846998 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.647484064 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.647583008 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.647594929 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.647780895 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.647903919 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Aug 31, 2024 22:06:48.647953033 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.684603930 CEST | 59733 | 443 | 192.168.2.6 | 142.250.65.238 |
| Aug 31, 2024 22:06:48.742140055 CEST | 443 | 59733 | 142.250.65.238 | 192.168.2.6 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Aug 31, 2024 22:05:09.950236082 CEST | 192.168.2.6 | 1.1.1.1 | 0x6f2c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Aug 31, 2024 22:05:09.950416088 CEST | 192.168.2.6 | 1.1.1.1 | 0x3a1a | Standard query (0) | 65 | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.354222059 CEST | 192.168.2.6 | 1.1.1.1 | 0x4d74 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.354535103 CEST | 192.168.2.6 | 1.1.1.1 | 0x206b | Standard query (0) | 65 | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.355182886 CEST | 192.168.2.6 | 1.1.1.1 | 0xce67 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.355312109 CEST | 192.168.2.6 | 1.1.1.1 | 0xcf91 | Standard query (0) | 65 | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.356575966 CEST | 192.168.2.6 | 1.1.1.1 | 0xc94f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.356889009 CEST | 192.168.2.6 | 1.1.1.1 | 0xd1ec | Standard query (0) | 65 | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.359323978 CEST | 192.168.2.6 | 1.1.1.1 | 0x143 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.359556913 CEST | 192.168.2.6 | 1.1.1.1 | 0xc39f | Standard query (0) | 65 | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.415457964 CEST | 192.168.2.6 | 1.1.1.1 | 0x4dd9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Aug 31, 2024 22:05:13.415604115 CEST | 192.168.2.6 | 1.1.1.1 | 0xc474 | Standard query (0) | 65 | IN (0x0001) | false | |
| 2024-08-31 20:06:10 UTC | 192.168.2.6 | 162.159.61.3 | 0x0 | Standard query (0) | A (IP address) | IN (0x0001) | true | |
| 2024-08-31 20:06:10 UTC | 192.168.2.6 | 162.159.61.3 | 0x0 | Standard query (0) | 65 | IN (0x0001) | true |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Aug 31, 2024 22:05:09.959372997 CEST | 1.1.1.1 | 192.168.2.6 | 0x6f2c | No error (0) | bzib.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:09.960189104 CEST | 1.1.1.1 | 192.168.2.6 | 0x3a1a | No error (0) | bzib.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:12.292205095 CEST | 1.1.1.1 | 192.168.2.6 | 0xf7c4 | No error (0) | s-part-0014.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:12.292205095 CEST | 1.1.1.1 | 192.168.2.6 | 0xf7c4 | No error (0) | 13.107.246.42 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.360976934 CEST | 1.1.1.1 | 192.168.2.6 | 0x4d74 | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.360976934 CEST | 1.1.1.1 | 192.168.2.6 | 0x4d74 | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.361207962 CEST | 1.1.1.1 | 192.168.2.6 | 0x206b | No error (0) | 65 | IN (0x0001) | false | |||
| Aug 31, 2024 22:05:13.362260103 CEST | 1.1.1.1 | 192.168.2.6 | 0xcf91 | No error (0) | 65 | IN (0x0001) | false | |||
| Aug 31, 2024 22:05:13.362520933 CEST | 1.1.1.1 | 192.168.2.6 | 0xce67 | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.362520933 CEST | 1.1.1.1 | 192.168.2.6 | 0xce67 | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.363781929 CEST | 1.1.1.1 | 192.168.2.6 | 0xd1ec | No error (0) | 65 | IN (0x0001) | false | |||
| Aug 31, 2024 22:05:13.364535093 CEST | 1.1.1.1 | 192.168.2.6 | 0xc94f | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.364535093 CEST | 1.1.1.1 | 192.168.2.6 | 0xc94f | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.365973949 CEST | 1.1.1.1 | 192.168.2.6 | 0x143 | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.365973949 CEST | 1.1.1.1 | 192.168.2.6 | 0x143 | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.366485119 CEST | 1.1.1.1 | 192.168.2.6 | 0xc39f | No error (0) | 65 | IN (0x0001) | false | |||
| Aug 31, 2024 22:05:13.423568964 CEST | 1.1.1.1 | 192.168.2.6 | 0xc474 | No error (0) | 65 | IN (0x0001) | false | |||
| Aug 31, 2024 22:05:13.424881935 CEST | 1.1.1.1 | 192.168.2.6 | 0x4dd9 | No error (0) | 162.159.61.3 | A (IP address) | IN (0x0001) | false | ||
| Aug 31, 2024 22:05:13.424881935 CEST | 1.1.1.1 | 192.168.2.6 | 0x4dd9 | No error (0) | 172.64.41.3 | A (IP address) | IN (0x0001) | false | ||
| 2024-08-31 20:06:10 UTC | 162.159.61.3 | 192.168.2.6 | 0x0 | No error (0) | bzib.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | true | ||
| 2024-08-31 20:06:10 UTC | 162.159.61.3 | 192.168.2.6 | 0x0 | No error (0) | bzib.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | true |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 0 | 192.168.2.6 | 49710 | 40.113.110.67 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:05 UTC | 71 | OUT | |
| 2024-08-31 20:05:05 UTC | 249 | OUT | |
| 2024-08-31 20:05:05 UTC | 1084 | OUT | |
| 2024-08-31 20:05:05 UTC | 218 | OUT | |
| 2024-08-31 20:05:05 UTC | 14 | IN | |
| 2024-08-31 20:05:05 UTC | 58 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.6 | 49729 | 13.107.246.42 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 486 | OUT | |
| 2024-08-31 20:05:13 UTC | 538 | IN | |
| 2024-08-31 20:05:13 UTC | 11989 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.6 | 49728 | 13.107.246.42 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 711 | OUT | |
| 2024-08-31 20:05:13 UTC | 583 | IN | |
| 2024-08-31 20:05:13 UTC | 15801 | IN | |
| 2024-08-31 20:05:13 UTC | 16384 | IN | |
| 2024-08-31 20:05:13 UTC | 16384 | IN | |
| 2024-08-31 20:05:13 UTC | 16384 | IN | |
| 2024-08-31 20:05:13 UTC | 5254 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.6 | 49736 | 172.64.41.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 245 | OUT | |
| 2024-08-31 20:05:13 UTC | 128 | OUT | |
| 2024-08-31 20:05:13 UTC | 247 | IN | |
| 2024-08-31 20:05:13 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.6 | 49733 | 172.64.41.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 245 | OUT | |
| 2024-08-31 20:05:13 UTC | 128 | OUT | |
| 2024-08-31 20:05:13 UTC | 247 | IN | |
| 2024-08-31 20:05:13 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.6 | 49734 | 162.159.61.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 245 | OUT | |
| 2024-08-31 20:05:13 UTC | 128 | OUT | |
| 2024-08-31 20:05:13 UTC | 247 | IN | |
| 2024-08-31 20:05:13 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.6 | 49735 | 162.159.61.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 245 | OUT | |
| 2024-08-31 20:05:13 UTC | 128 | OUT | |
| 2024-08-31 20:05:13 UTC | 247 | IN | |
| 2024-08-31 20:05:13 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.6 | 49738 | 162.159.61.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:13 UTC | 245 | OUT | |
| 2024-08-31 20:05:13 UTC | 128 | OUT | |
| 2024-08-31 20:05:14 UTC | 247 | IN | |
| 2024-08-31 20:05:14 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 8 | 192.168.2.6 | 49732 | 40.113.110.67 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:14 UTC | 71 | OUT | |
| 2024-08-31 20:05:14 UTC | 249 | OUT | |
| 2024-08-31 20:05:14 UTC | 1084 | OUT | |
| 2024-08-31 20:05:14 UTC | 218 | OUT | |
| 2024-08-31 20:05:14 UTC | 14 | IN | |
| 2024-08-31 20:05:14 UTC | 58 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 9 | 192.168.2.6 | 49741 | 184.28.90.27 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:15 UTC | 161 | OUT | |
| 2024-08-31 20:05:15 UTC | 467 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 10 | 192.168.2.6 | 49744 | 142.251.40.238 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:16 UTC | 567 | OUT | |
| 2024-08-31 20:05:16 UTC | 520 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 11 | 192.168.2.6 | 49745 | 142.251.40.238 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:16 UTC | 567 | OUT | |
| 2024-08-31 20:05:16 UTC | 520 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 12 | 192.168.2.6 | 49746 | 184.28.90.27 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:16 UTC | 239 | OUT | |
| 2024-08-31 20:05:16 UTC | 515 | IN | |
| 2024-08-31 20:05:16 UTC | 55 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 13 | 192.168.2.6 | 49747 | 142.250.80.4 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:16 UTC | 887 | OUT | |
| 2024-08-31 20:05:16 UTC | 705 | IN | |
| 2024-08-31 20:05:16 UTC | 685 | IN | |
| 2024-08-31 20:05:16 UTC | 1390 | IN | |
| 2024-08-31 20:05:16 UTC | 1390 | IN | |
| 2024-08-31 20:05:16 UTC | 1390 | IN | |
| 2024-08-31 20:05:16 UTC | 575 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 14 | 192.168.2.6 | 49750 | 13.85.23.86 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:21 UTC | 306 | OUT | |
| 2024-08-31 20:05:22 UTC | 560 | IN | |
| 2024-08-31 20:05:22 UTC | 15824 | IN | |
| 2024-08-31 20:05:22 UTC | 8666 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 15 | 192.168.2.6 | 49755 | 40.113.110.67 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:26 UTC | 71 | OUT | |
| 2024-08-31 20:05:26 UTC | 249 | OUT | |
| 2024-08-31 20:05:26 UTC | 1084 | OUT | |
| 2024-08-31 20:05:26 UTC | 218 | OUT | |
| 2024-08-31 20:05:26 UTC | 14 | IN | |
| 2024-08-31 20:05:26 UTC | 58 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 16 | 192.168.2.6 | 49756 | 40.113.103.199 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:46 UTC | 71 | OUT | |
| 2024-08-31 20:05:46 UTC | 249 | OUT | |
| 2024-08-31 20:05:46 UTC | 1084 | OUT | |
| 2024-08-31 20:05:46 UTC | 218 | OUT | |
| 2024-08-31 20:05:46 UTC | 14 | IN | |
| 2024-08-31 20:05:46 UTC | 58 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 17 | 192.168.2.6 | 49757 | 20.12.23.50 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:05:59 UTC | 306 | OUT | |
| 2024-08-31 20:05:59 UTC | 560 | IN | |
| 2024-08-31 20:05:59 UTC | 15824 | IN | |
| 2024-08-31 20:05:59 UTC | 14181 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 18 | 192.168.2.6 | 49762 | 162.159.61.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:06:10 UTC | 245 | OUT | |
| 2024-08-31 20:06:10 UTC | 128 | OUT | |
| 2024-08-31 20:06:10 UTC | 247 | IN | |
| 2024-08-31 20:06:10 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 19 | 192.168.2.6 | 49761 | 162.159.61.3 | 443 | 2528 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:06:10 UTC | 245 | OUT | |
| 2024-08-31 20:06:10 UTC | 128 | OUT | |
| 2024-08-31 20:06:10 UTC | 247 | IN | |
| 2024-08-31 20:06:10 UTC | 468 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 20 | 192.168.2.6 | 49764 | 40.113.103.199 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:06:12 UTC | 71 | OUT | |
| 2024-08-31 20:06:12 UTC | 249 | OUT | |
| 2024-08-31 20:06:12 UTC | 1084 | OUT | |
| 2024-08-31 20:06:12 UTC | 218 | OUT | |
| 2024-08-31 20:06:12 UTC | 14 | IN | |
| 2024-08-31 20:06:12 UTC | 58 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 21 | 192.168.2.6 | 49766 | 40.113.103.199 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:06:41 UTC | 71 | OUT | |
| 2024-08-31 20:06:41 UTC | 249 | OUT | |
| 2024-08-31 20:06:41 UTC | 1084 | OUT | |
| 2024-08-31 20:06:41 UTC | 218 | OUT | |
| 2024-08-31 20:06:42 UTC | 14 | IN | |
| 2024-08-31 20:06:42 UTC | 58 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 22 | 192.168.2.6 | 49767 | 40.113.103.199 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-08-31 20:07:13 UTC | 71 | OUT | |
| 2024-08-31 20:07:13 UTC | 249 | OUT | |
| 2024-08-31 20:07:13 UTC | 1084 | OUT | |
| 2024-08-31 20:07:13 UTC | 218 | OUT | |
| 2024-08-31 20:07:13 UTC | 14 | IN | |
| 2024-08-31 20:07:13 UTC | 58 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 16:05:04 |
| Start date: | 31/08/2024 |
| Path: | C:\Users\user\Desktop\file.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x510000 |
| File size: | 917'504 bytes |
| MD5 hash: | 4EA77C57CB0E4DE372EDD5E2D1AE4A82 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | false |
| Target ID: | 1 |
| Start time: | 16:05:04 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 4 |
| Start time: | 16:05:05 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 5 |
| Start time: | 16:05:05 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | false |
| Target ID: | 6 |
| Start time: | 16:05:05 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | false |
| Target ID: | 9 |
| Start time: | 16:05:10 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 10 |
| Start time: | 16:05:10 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 11 |
| Start time: | 16:05:11 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6f2da0000 |
| File size: | 1'255'976 bytes |
| MD5 hash: | F8CEC3E43A6305AC9BA3700131594306 |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 12 |
| Start time: | 16:05:11 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6f2da0000 |
| File size: | 1'255'976 bytes |
| MD5 hash: | F8CEC3E43A6305AC9BA3700131594306 |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 15 |
| Start time: | 16:05:22 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 17 |
| Start time: | 16:05:23 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 18 |
| Start time: | 16:05:23 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff7934f0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | moderate |
| Has exited: | true |
| Target ID: | 19 |
| Start time: | 16:05:30 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Has exited: | true |
| Target ID: | 20 |
| Start time: | 16:05:30 |
| Start date: | 31/08/2024 |
| Path: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff715da0000 |
| File size: | 4'210'216 bytes |
| MD5 hash: | BF154738460E4AB1D388970E1AB13FAB |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Has exited: | true |
Execution Graph
| Execution Coverage: | 1.7% |
| Dynamic/Decrypted Code Coverage: | 0% |
| Signature Coverage: | 5.1% |
| Total number of Nodes: | 1370 |
| Total number of Limit Nodes: | 38 |
Graph
Function 0052F98E Relevance: 43.9, APIs: 24, Strings: 1, Instructions: 130keyboardthreadwindowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005142DE Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 235libraryloaderCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0051D730 Relevance: 21.6, APIs: 14, Instructions: 627windowsleeptimeCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0051344D Relevance: 19.5, APIs: 6, Strings: 5, Instructions: 201registryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00512CD4 Relevance: 19.3, APIs: 7, Strings: 4, Instructions: 53windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0055065B Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 272COMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00512B83 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 63windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00513170 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 145windowtimeregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057E97B Relevance: 7.5, APIs: 5, Instructions: 47sleepCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00513B1C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 58registryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00513923 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 94windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00513837 Relevance: 3.1, APIs: 2, Instructions: 77windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2598 Relevance: 1.6, APIs: 1, Instructions: 78COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A13B7 Relevance: 1.6, APIs: 1, Instructions: 76COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00514ECB Relevance: 1.6, APIs: 1, Instructions: 65libraryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00548402 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A29BF Relevance: 1.5, APIs: 1, Instructions: 48COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0053E602 Relevance: 1.5, APIs: 1, Instructions: 46COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A149E Relevance: 1.5, APIs: 1, Instructions: 46COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00544C7D Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00543820 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00514F39 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2A55 Relevance: 1.5, APIs: 1, Instructions: 25COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00512DA5 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00512B3D Relevance: 1.5, APIs: 1, Instructions: 22COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00511CAD Relevance: 1.5, APIs: 1, Instructions: 8COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A9576 Relevance: 74.1, APIs: 39, Strings: 3, Instructions: 625windowkeyboardCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A4873 Relevance: 60.1, APIs: 33, Strings: 1, Instructions: 566windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058698F Relevance: 21.4, APIs: 7, Strings: 5, Instructions: 363timefileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00589642 Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 118fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058979D Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 111fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00588195 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 186timeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057D076 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 172fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058ED6A Relevance: 13.6, APIs: 9, Instructions: 102clipboardmemoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057E8F6 Relevance: 12.3, APIs: 3, Strings: 4, Instructions: 57shutdownCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0054B952 Relevance: 10.9, APIs: 7, Instructions: 370timeCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057D3A9 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 91fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005922DA Relevance: 9.1, APIs: 6, Instructions: 103COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00589B2B Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 119filesleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052997D Relevance: 7.9, APIs: 5, Instructions: 375COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A1C41 Relevance: 7.6, APIs: 5, Instructions: 83windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00518060 Relevance: 7.4, Strings: 5, Instructions: 1151COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00578298 Relevance: 6.6, APIs: 1, Strings: 3, Instructions: 568stringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00585C97 Relevance: 4.6, APIs: 3, Instructions: 138fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005851CD Relevance: 4.6, APIs: 3, Instructions: 76COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005716C3 Relevance: 4.6, APIs: 3, Instructions: 68COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057D5EB Relevance: 4.6, APIs: 3, Instructions: 58fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571663 Relevance: 4.5, APIs: 3, Instructions: 40memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0053CAA0 Relevance: 3.5, APIs: 2, Instructions: 464COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0051CAF0 Relevance: 3.2, Strings: 2, Instructions: 659COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005868EE Relevance: 3.1, APIs: 2, Instructions: 57fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005837B5 Relevance: 3.0, APIs: 2, Instructions: 33windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005710BF Relevance: 3.0, APIs: 2, Instructions: 24COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0051BF40 Relevance: 2.4, Strings: 1, Instructions: 1178COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052B119 Relevance: 1.8, Strings: 1, Instructions: 511COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005309D5 Relevance: 1.5, APIs: 1, Instructions: 3COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0053781B Relevance: 1.5, Strings: 1, Instructions: 214COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00582046 Relevance: 1.3, Strings: 1, Instructions: 72COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00546DD9 Relevance: .6, Instructions: 637COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052CC39 Relevance: .6, Instructions: 635COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00517920 Relevance: .6, Instructions: 563COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005191C0 Relevance: .5, Instructions: 475COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00549EEE Relevance: .3, Instructions: 294COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00537A4A Relevance: .2, Instructions: 237COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00537CA7 Relevance: .2, Instructions: 237COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00592ADE Relevance: 77.5, APIs: 40, Strings: 4, Instructions: 486filecommemoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A70D5 Relevance: 49.8, APIs: 33, Instructions: 273COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00592711 Relevance: 45.8, APIs: 22, Strings: 4, Instructions: 330windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A0FF3 Relevance: 37.0, APIs: 18, Strings: 3, Instructions: 284windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A0241 Relevance: 35.4, APIs: 7, Strings: 13, Instructions: 391windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00528891 Relevance: 33.5, APIs: 18, Strings: 1, Instructions: 282windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059C3B7 Relevance: 30.2, APIs: 11, Strings: 6, Instructions: 495registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A091E Relevance: 30.1, APIs: 6, Strings: 11, Instructions: 372windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A833C Relevance: 29.9, APIs: 14, Strings: 3, Instructions: 196windowlibraryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058FE0E Relevance: 27.1, APIs: 18, Instructions: 128COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A911E Relevance: 24.7, APIs: 10, Strings: 4, Instructions: 181windowfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0051326F Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 214windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A6CD9 Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 194windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058C476 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 143networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005814BD Relevance: 21.4, APIs: 10, Strings: 2, Instructions: 360timeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059B60E Relevance: 21.3, APIs: 10, Strings: 2, Instructions: 285registrylibraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059255C Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 169windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057365B Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 267windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A8D0E Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 221windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057BF30 Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 190windowsleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059CC34 Relevance: 19.4, APIs: 9, Strings: 2, Instructions: 104registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00583D1E Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 101fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057E6B0 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 72sleepwindowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00575CC6 Relevance: 18.2, APIs: 12, Instructions: 173COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00528BCD Relevance: 18.2, APIs: 12, Instructions: 168timeCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00529838 Relevance: 18.1, APIs: 12, Instructions: 137COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00548D45 Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 300COMMONLIBRARYCODE
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005796E2 Relevance: 17.6, APIs: 5, Strings: 5, Instructions: 137windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005706DE Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 127registryshareCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00593C30 Relevance: 16.8, APIs: 11, Instructions: 344fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00587A96 Relevance: 16.8, APIs: 11, Instructions: 298comCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059055B Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 207networkfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059372C Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 187comCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A8B02 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 149windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A3C46 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571EDF Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 78windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571FC0 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 77windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00542C80 Relevance: 15.1, APIs: 10, Instructions: 54COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00511410 Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 332comCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00515BEA Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 184windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058C253 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 94networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057989B Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 74windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057209F Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 71windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0054CE90 Relevance: 13.7, APIs: 9, Instructions: 209COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005725A2 Relevance: 13.6, APIs: 9, Instructions: 60sleepkeyboardwindowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A3886 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 141windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057BC5E Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 137windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057C874 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 81windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057DE27 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 70networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057ED19 Relevance: 12.1, APIs: 8, Instructions: 137timeCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052F8D8 Relevance: 12.1, APIs: 8, Instructions: 124COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2D03 Relevance: 12.1, APIs: 8, Instructions: 95windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00575622 Relevance: 12.1, APIs: 8, Instructions: 92COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00551522 Relevance: 10.8, APIs: 7, Instructions: 268COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00581187 Relevance: 10.8, APIs: 7, Instructions: 254COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052948A Relevance: 10.8, APIs: 7, Instructions: 254COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0054542E Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057CF00 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 108filestringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2DFD Relevance: 10.6, APIs: 7, Instructions: 99windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00577726 Relevance: 10.6, APIs: 7, Instructions: 94memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005777FD Relevance: 10.6, APIs: 7, Instructions: 89memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005804D2 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80pipeCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005805A7 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80pipeCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A40AD Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 75windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057DA5A Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 46windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058096B Relevance: 10.5, APIs: 7, Instructions: 35synchronizationthreadCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00515D0A Relevance: 9.3, APIs: 6, Instructions: 276COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005401B7 Relevance: 9.3, APIs: 6, Instructions: 269COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005461FE Relevance: 9.2, APIs: 6, Instructions: 216COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0056F7AD Relevance: 9.2, APIs: 6, Instructions: 183memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052920C Relevance: 9.1, APIs: 6, Instructions: 113COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005807EF Relevance: 9.1, APIs: 6, Instructions: 107fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A81DB Relevance: 9.1, APIs: 6, Instructions: 104windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00574C7D Relevance: 9.1, APIs: 6, Instructions: 87windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057175D Relevance: 9.1, APIs: 6, Instructions: 68memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005714CE Relevance: 9.1, APIs: 6, Instructions: 64processCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A8A24 Relevance: 9.0, APIs: 6, Instructions: 49COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005751FD Relevance: 9.0, APIs: 6, Instructions: 49COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00567439 Relevance: 9.0, APIs: 6, Instructions: 37windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571874 Relevance: 9.0, APIs: 6, Instructions: 23memorysynchronizationCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057C5D0 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 191windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057719E Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 120comlibraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A3D7C Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571DE2 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 93windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2F17 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 78windowlibraryCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00534D6D Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00514E90 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00514E59 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 22libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00582947 Relevance: 7.8, APIs: 5, Instructions: 313fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059A387 Relevance: 7.8, APIs: 5, Instructions: 256COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00578BB0 Relevance: 7.7, APIs: 5, Instructions: 159COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00588AFB Relevance: 7.6, APIs: 5, Instructions: 143COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A6B76 Relevance: 7.6, APIs: 5, Instructions: 131windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00583874 Relevance: 7.6, APIs: 5, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A5706 Relevance: 7.6, APIs: 5, Instructions: 82windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00590930 Relevance: 7.6, APIs: 5, Instructions: 69COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0054CDBD Relevance: 7.6, APIs: 5, Instructions: 68COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00529639 Relevance: 7.6, APIs: 5, Instructions: 66COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00575711 Relevance: 7.6, APIs: 5, Instructions: 61COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057000E Relevance: 7.5, APIs: 5, Instructions: 47stringCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005710F9 Relevance: 7.5, APIs: 5, Instructions: 46memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00570FB4 Relevance: 7.5, APIs: 5, Instructions: 43memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571014 Relevance: 7.5, APIs: 5, Instructions: 43memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058030F Relevance: 7.5, APIs: 6, Instructions: 41COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005422A0 Relevance: 7.5, APIs: 5, Instructions: 30COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005295C5 Relevance: 7.5, APIs: 5, Instructions: 29COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00540F47 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 389COMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00545AA9 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 186COMMONLIBRARYCODE
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00548A61 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 124COMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00572716 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 121windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057C27D Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 114windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00576E71 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 92memoryCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059304E Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 90networkCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A3EB8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 89windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A4653 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 87windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A37B7 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A41EB Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00572F52 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 67windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A5882 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0056D3A0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 30libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057007F Relevance: 6.3, APIs: 4, Instructions: 322COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0059342E Relevance: 6.3, APIs: 4, Instructions: 257COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00570436 Relevance: 6.2, APIs: 4, Instructions: 230COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A6278 Relevance: 6.1, APIs: 4, Instructions: 138COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0054B41F Relevance: 6.1, APIs: 4, Instructions: 133COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005856D9 Relevance: 6.1, APIs: 4, Instructions: 110fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A52C1 Relevance: 6.1, APIs: 4, Instructions: 104windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A7674 Relevance: 6.1, APIs: 4, Instructions: 102windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A16DA Relevance: 6.1, APIs: 4, Instructions: 101COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057D4DC Relevance: 6.1, APIs: 4, Instructions: 86processCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A8FC9 Relevance: 6.1, APIs: 4, Instructions: 78windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057D2C1 Relevance: 6.1, APIs: 4, Instructions: 78COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571571 Relevance: 6.1, APIs: 4, Instructions: 78memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2782 Relevance: 6.1, APIs: 4, Instructions: 75COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005778F5 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 71stringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A7CC2 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A5660 Relevance: 6.1, APIs: 4, Instructions: 67windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00541D09 Relevance: 6.1, APIs: 4, Instructions: 63COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571A27 Relevance: 6.1, APIs: 4, Instructions: 56windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057E1D6 Relevance: 6.1, APIs: 4, Instructions: 55synchronizationthreadwindowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0053D1CC Relevance: 6.1, APIs: 4, Instructions: 55threadCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A9EF3 Relevance: 6.1, APIs: 4, Instructions: 55COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0051600E Relevance: 6.1, APIs: 4, Instructions: 53windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00543073 Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057B0A8 Relevance: 6.0, APIs: 4, Instructions: 50sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A7E14 Relevance: 6.0, APIs: 4, Instructions: 46COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A8863 Relevance: 6.0, APIs: 4, Instructions: 31COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005298B0 Relevance: 6.0, APIs: 4, Instructions: 23COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0057162B Relevance: 6.0, APIs: 4, Instructions: 22threadCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0056D858 Relevance: 6.0, APIs: 4, Instructions: 19COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0056D86C Relevance: 6.0, APIs: 4, Instructions: 18COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00584D87 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 230shareCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0052F291 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144sleepCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058D0F4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 98networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A4537 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 95windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A31EF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0058CD1E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A3429 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 64windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571CDE Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571BD8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 50windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571C5C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 49windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00571D68 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 46windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A8172 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 40processCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00570B15 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 28windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2356 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 005A2322 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|