Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Un nouveau document est dsormais disponible_.msg

Overview

General Information

Sample name:Un nouveau document est dsormais disponible_.msg
Analysis ID:1522702
MD5:82783ac612da77ad7b054967c45e69d0
SHA1:402dcb0c84e9045e0536ae5ad7b8c0417a202582
SHA256:270ef90c86e90cdcc84e8ab11867729b19cb4d243637d448b1114b620b672c82
Infos:

Detection

Score:3
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

Detected non-DNS traffic on DNS port
Queries the volume information (name, serial number etc) of a device
Sigma detected: Office Autorun Keys Modification
Sigma detected: Outlook Security Settings Updated - Registry
Sigma detected: Suspicious Office Outbound Connections
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 5636 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\Un nouveau document est dsormais disponible_.msg" MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6732 cmdline: "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "F0B8A4B0-ECD4-4E1E-A298-21D42D05331C" "84549723-A19B-4DD1-8B32-09E7C555E8E0" "5636" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx" MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 6636 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alismus.com/fr MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 3992 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1960,i,11894358489210066392,2102560897145112882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • msedge.exe (PID: 7672 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\email.mht MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 4044 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1988,i,5874324321502643961,2078440202249656247,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • chrome.exe (PID: 636 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alismus.com/fr MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 5528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1884,i,6044636143090337290,1121441316210253229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • msedge.exe (PID: 7116 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\email.mht MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7832 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8160 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6356 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8184 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6592 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7388 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6452 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Office Autorun Keys Modification
Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 5636, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin\1
Sigma detected: Outlook Security Settings Updated - Registry
Source: Registry Key setAuthor: frack113: Data: Details: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\, EventID: 13, EventType: SetValue, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, ProcessId: 5636, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Security\OutlookSecureTempFolder
Sigma detected: Suspicious Office Outbound Connections
Source: Network ConnectionAuthor: X__Junior (Nextron Systems): Data: DestinationIp: 192.168.2.16, DestinationIsIpv6: false, DestinationPort: 49706, EventID: 3, Image: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE, Initiated: true, ProcessId: 5636, Protocol: tcp, SourceIp: 199.232.188.159, SourceIsIpv6: false, SourcePort: 443

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://alismus.com/frHTTP Parser: No favicon
Source: https://alismus.com/frHTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 199.232.188.159:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.32.140:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.32.140:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:52256 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52330 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52330 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:58454 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52330 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:58454 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52330 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:58454 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65038 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52330 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:58454 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:52254 -> 162.159.36.2:53
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.32.140
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: global trafficDNS traffic detected: DNS query: pbs.twimg.com
Source: global trafficDNS traffic detected: DNS query: alismus.com
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: unknownNetwork traffic detected: HTTP traffic on port 58593 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58570 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52290 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58650 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58458
Source: unknownNetwork traffic detected: HTTP traffic on port 58535 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58579
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58457
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58578
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58459
Source: unknownNetwork traffic detected: HTTP traffic on port 58558 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58465
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58586
Source: unknownNetwork traffic detected: HTTP traffic on port 58615 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58464
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58585
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58467
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58588
Source: unknownNetwork traffic detected: HTTP traffic on port 58638 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58466
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58587
Source: unknownNetwork traffic detected: HTTP traffic on port 52278 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58582
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58460
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58581
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58463
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58584
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58583
Source: unknownNetwork traffic detected: HTTP traffic on port 58490 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58580
Source: unknownNetwork traffic detected: HTTP traffic on port 52312 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52335 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 58569 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 58489 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58500 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58626 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52323 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58469
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58468
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58589
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58476
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58597
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58475
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58596
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58478
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58599
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58477
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58598
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58472
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58593
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58471
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58592
Source: unknownNetwork traffic detected: HTTP traffic on port 58661 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58474
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58595
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58473
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58594
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 58478 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58470
Source: unknownNetwork traffic detected: HTTP traffic on port 58524 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58591
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58590
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 58501 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52347 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58479
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58487
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58486
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58489
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58488
Source: unknownNetwork traffic detected: HTTP traffic on port 58534 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58483
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58482
Source: unknownNetwork traffic detected: HTTP traffic on port 58662 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58485
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58484
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58481
Source: unknownNetwork traffic detected: HTTP traffic on port 58477 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58480
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 58546 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 58582 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 58603 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58523 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52300 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58466 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58571 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58557 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58498
Source: unknownNetwork traffic detected: HTTP traffic on port 58639 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58497
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58499
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58494
Source: unknownNetwork traffic detected: HTTP traffic on port 52279 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58493
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58496
Source: unknownNetwork traffic detected: HTTP traffic on port 58512 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58614 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58495
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58490
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58492
Source: unknownNetwork traffic detected: HTTP traffic on port 52311 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58491
Source: unknownNetwork traffic detected: HTTP traffic on port 58673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52336 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58602 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58488 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58625 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58539
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58538
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58659
Source: unknownNetwork traffic detected: HTTP traffic on port 58465 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58535
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58656
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58534
Source: unknownNetwork traffic detected: HTTP traffic on port 52345 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58537
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58658
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58536
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58657
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58542
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58663
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58541
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58662
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58544
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58665
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58543
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58664
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58540
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58661
Source: unknownNetwork traffic detected: HTTP traffic on port 58502 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58660
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58525 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58548 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58580 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52302 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52291 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58651 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58513 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58549
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58546
Source: unknownNetwork traffic detected: HTTP traffic on port 58559 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58667
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58545
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58666
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58548
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58669
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58547
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58668
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58553
Source: unknownNetwork traffic detected: HTTP traffic on port 58640 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58674
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58552
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58673
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58555
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58676
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58554
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58675
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58670
Source: unknownNetwork traffic detected: HTTP traffic on port 52280 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58551
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58672
Source: unknownNetwork traffic detected: HTTP traffic on port 58499 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58550
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58671
Source: unknownNetwork traffic detected: HTTP traffic on port 52334 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52313 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58652 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52301 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52292 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58514 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49693 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58557
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58678
Source: unknownNetwork traffic detected: HTTP traffic on port 52324 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58556
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58677
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58559
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58558
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58679
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58564
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58563
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58566
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58565
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58560
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58681
Source: unknownNetwork traffic detected: HTTP traffic on port 58613 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58680
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58562
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58561
Source: unknownNetwork traffic detected: HTTP traffic on port 52264 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58487 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58624 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52346 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58536 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58568
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58567
Source: unknownNetwork traffic detected: HTTP traffic on port 58592 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58569
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58575
Source: unknownNetwork traffic detected: HTTP traffic on port 58581 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58574
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58456
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58577
Source: unknownNetwork traffic detected: HTTP traffic on port 58663 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58576
Source: unknownNetwork traffic detected: HTTP traffic on port 58476 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58571
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58570
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58573
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58572
Source: unknownNetwork traffic detected: HTTP traffic on port 58547 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52303 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58606 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58629 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52275 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52349 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58578 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58555 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52326 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58532 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58475 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58498 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58670 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58521 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49693
Source: unknownNetwork traffic detected: HTTP traffic on port 52287 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58647 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58464 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58590 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52298 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58658 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52338 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58566 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58520 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58486 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58543 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58681 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58463 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58591 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58579 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58636 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58617 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52299 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58659 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52314 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52307
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52308
Source: unknownNetwork traffic detected: HTTP traffic on port 58628 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52305
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52306
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52309
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52300
Source: unknownNetwork traffic detected: HTTP traffic on port 52325 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52303
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52304
Source: unknownNetwork traffic detected: HTTP traffic on port 58554 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52301
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52302
Source: unknownNetwork traffic detected: HTTP traffic on port 58497 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58509 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58568 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58545 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58522 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52288 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58648 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52316 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58660 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58588 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58485 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58605 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52348 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58577 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52327 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58556 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52256 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58474 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58637 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52277 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58510 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58616 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58627 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58604 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58473 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58511 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58496 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58567 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52304 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58544 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58649 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52289 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52315 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58533 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58589 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58484 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58667 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58506 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58609 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58529 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58517 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52295 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58552 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58598 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52306 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52341 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58495 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52284 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58587 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58541 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52317 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52328 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52305 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58518 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52296 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58608 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58633 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52256
Source: unknownNetwork traffic detected: HTTP traffic on port 58599 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58576 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58563 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58540 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58620 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58483 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58645 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52264
Source: unknownNetwork traffic detected: HTTP traffic on port 58472 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52274
Source: unknownNetwork traffic detected: HTTP traffic on port 58656 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52318
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52319
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52316
Source: unknownNetwork traffic detected: HTTP traffic on port 58459 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52317
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52310
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52311
Source: unknownNetwork traffic detected: HTTP traffic on port 58597 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52314
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52315
Source: unknownNetwork traffic detected: HTTP traffic on port 52307 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52312
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52313
Source: unknownNetwork traffic detected: HTTP traffic on port 58574 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52339 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58494 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58619 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52285 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58634 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58657 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58471 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58565 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52329
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52327
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52328
Source: unknownNetwork traffic detected: HTTP traffic on port 58542 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52274 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52321
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52322
Source: unknownNetwork traffic detected: HTTP traffic on port 58668 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52320
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52325
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52326
Source: unknownNetwork traffic detected: HTTP traffic on port 58460 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52323
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52324
Source: unknownNetwork traffic detected: HTTP traffic on port 58507 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58531 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52338
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52339
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52332
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52333
Source: unknownNetwork traffic detected: HTTP traffic on port 58646 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58669 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58482 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52336
Source: unknownNetwork traffic detected: HTTP traffic on port 58553 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52334
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52335
Source: unknownNetwork traffic detected: HTTP traffic on port 52340 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58508 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52340
Source: unknownNetwork traffic detected: HTTP traffic on port 58530 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58586 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52318 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58519 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52349
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52297 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58607 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52341
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52347
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52348
Source: unknownNetwork traffic detected: HTTP traffic on port 52329 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52345
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52346
Source: unknownNetwork traffic detected: HTTP traffic on port 58575 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58618 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52286 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58635 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58493 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58564 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58619
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58616
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58615
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58618
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58617
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58612
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58611
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58614
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58613
Source: unknownNetwork traffic detected: HTTP traffic on port 58664 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52281 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58500
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58621
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58620
Source: unknownNetwork traffic detected: HTTP traffic on port 58641 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58561 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58584 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58676 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58601 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58509
Source: unknownNetwork traffic detected: HTTP traffic on port 58630 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58506
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58627
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58505
Source: unknownNetwork traffic detected: HTTP traffic on port 58538 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58626
Source: unknownNetwork traffic detected: HTTP traffic on port 58481 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58508
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58629
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58507
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58628
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58502
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58623
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58501
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58622
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58504
Source: unknownNetwork traffic detected: HTTP traffic on port 58573 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58625
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58503
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58624
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58630
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58511
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58632
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58510
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58631
Source: unknownNetwork traffic detected: HTTP traffic on port 58612 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58503 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58457 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58470 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58549 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 58623 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58517
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58638
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58516
Source: unknownNetwork traffic detected: HTTP traffic on port 58537 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58637
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58519
Source: unknownNetwork traffic detected: HTTP traffic on port 52320 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58518
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58639
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58513
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58634
Source: unknownHTTPS traffic detected: 199.232.188.159:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.32.140:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.32.140:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:52256 version: TLS 1.2
Source: classification engineClassification label: clean3.winMSG@88/189@25/356
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20240930T0943340512-5636.etl
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile read: C:\Users\desktop.ini
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\Un nouveau document est dsormais disponible_.msg"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "F0B8A4B0-ECD4-4E1E-A298-21D42D05331C" "84549723-A19B-4DD1-8B32-09E7C555E8E0" "5636" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alismus.com/fr
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1960,i,11894358489210066392,2102560897145112882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe "C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "F0B8A4B0-ECD4-4E1E-A298-21D42D05331C" "84549723-A19B-4DD1-8B32-09E7C555E8E0" "5636" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alismus.com/fr
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1960,i,11894358489210066392,2102560897145112882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\email.mht
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1988,i,5874324321502643961,2078440202249656247,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\email.mht
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6356 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6592 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\email.mht
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1988,i,5874324321502643961,2078440202249656247,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6356 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6592 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alismus.com/fr
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1884,i,6044636143090337290,1121441316210253229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://alismus.com/fr
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1884,i,6044636143090337290,1121441316210253229,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6452 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6452 --field-trial-handle=2016,i,10764574439978627066,4361900835678833213,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: c2r64.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeSection loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}\InprocServer32
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEWindow found: window name: SysTabControl32
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile Volume queried: C:\Windows\SysWOW64 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information queried: ProcessInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeQueries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		1
Process Injection		1
Masquerading		OS Credential Dumping1
Process Discovery		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		1
Process Injection		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		Security Account Manager13
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
162.159.61.3
truefalse
    		unknown
    a.nel.cloudflare.com
    		35.190.80.1
    		truefalse
      		unknown
      dualstack.twimg.twitter.map.fastly.net
      		199.232.188.159
      		truefalse
        		unknown
        www.google.com
        		142.250.186.100
        		truefalse
          		unknown
          alismus.com
          		188.114.96.3
          		truefalse
            		unknown
            googlehosted.l.googleusercontent.com
            		142.250.184.193
            		truefalse
              		unknown
              sni1gl.wpc.nucdn.net
              		152.199.21.175
              		truefalse
                		unknown
                s-part-0032.t-0009.t-msedge.net
                		13.107.246.60
                		truefalse
                  		unknown
                  clients2.googleusercontent.com
                  		unknown
                  		unknownfalse
                    		unknown
                    bzib.nelreports.net
                    		unknown
                    		unknownfalse
                      		unknown
                      pbs.twimg.com
                      		unknown
                      		unknownfalse
                        		unknown

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        https://alismus.com/frfalse
                          		unknown

                          World Map of Contacted IPs

                          • No. of IPs < 25%
                          • 25% < No. of IPs < 50%
                          • 50% < No. of IPs < 75%
                          • 75% < No. of IPs

                          Public IPs

                          IPDomainCountryFlagASNASN NameMalicious
                          23.200.0.42
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          13.107.6.158
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          13.107.246.40
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          52.240.245.67
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          157.240.241.35
                          		unknownUnited States
                          		32934FACEBOOKUSfalse
                          20.114.189.70
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          162.159.61.3
                          		chrome.cloudflare-dns.comUnited States
                          		13335CLOUDFLARENETUSfalse
                          68.67.179.155
                          		unknownUnited States
                          		29990ASN-APPNEXUSfalse
                          2.19.126.160
                          		unknownEuropean Union
                          		16625AKAMAI-ASUSfalse
                          23.59.251.219
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          23.200.0.9
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          204.79.197.239
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          40.126.24.83
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          157.240.241.1
                          		unknownUnited States
                          		32934FACEBOOKUSfalse
                          35.190.80.1
                          		a.nel.cloudflare.comUnited States
                          		15169GOOGLEUSfalse
                          20.110.205.119
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          204.79.197.237
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          13.107.5.80
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          184.28.190.186
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          23.219.82.49
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          1.1.1.1
                          		unknownAustralia
                          		13335CLOUDFLARENETUSfalse
                          34.104.35.123
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          52.182.143.209
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          104.18.186.31
                          		unknownUnited States
                          		13335CLOUDFLARENETUSfalse
                          13.107.21.237
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          20.94.153.70
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          142.250.184.193
                          		googlehosted.l.googleusercontent.comUnited States
                          		15169GOOGLEUSfalse
                          13.107.21.239
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          23.219.82.43
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          23.219.82.41
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          4.150.155.223
                          		unknownUnited States
                          		3356LEVEL3USfalse
                          96.16.25.249
                          		unknownUnited States
                          		16625AKAMAI-ASUSfalse
                          13.107.42.16
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          142.251.173.84
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          13.107.42.14
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          239.255.255.250
                          		unknownReserved
                          		unknownunknownfalse
                          2.19.126.152
                          		unknownEuropean Union
                          		16625AKAMAI-ASUSfalse
                          52.109.28.46
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          142.250.186.100
                          		www.google.comUnited States
                          		15169GOOGLEUSfalse
                          142.250.184.238
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          199.232.188.159
                          		dualstack.twimg.twitter.map.fastly.netUnited States
                          		54113FASTLYUSfalse
                          2.23.209.150
                          		unknownEuropean Union
                          		1273CWVodafoneGroupPLCEUfalse
                          13.69.116.107
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          40.126.24.146
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          96.17.65.249
                          		unknownUnited States
                          		16625AKAMAI-ASUSfalse
                          96.16.24.11
                          		unknownUnited States
                          		16625AKAMAI-ASUSfalse
                          172.217.18.14
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          152.195.19.97
                          		unknownUnited States
                          		15133EDGECASTUSfalse
                          142.251.32.99
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          96.17.66.27
                          		unknownUnited States
                          		16625AKAMAI-ASUSfalse
                          72.21.81.200
                          		unknownUnited States
                          		15133EDGECASTUSfalse
                          13.107.246.60
                          		s-part-0032.t-0009.t-msedge.netUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          216.58.206.36
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          20.189.173.10
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          96.16.25.182
                          		unknownUnited States
                          		16625AKAMAI-ASUSfalse
                          52.109.68.129
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          23.59.251.235
                          		unknownUnited States
                          		20940AKAMAI-ASN1EUfalse
                          18.173.219.84
                          		unknownUnited States
                          		3MIT-GATEWAYSUSfalse
                          172.64.41.3
                          		unknownUnited States
                          		13335CLOUDFLARENETUSfalse
                          66.102.1.84
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          52.113.194.132
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          150.171.27.10
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          142.250.185.131
                          		unknownUnited States
                          		15169GOOGLEUSfalse
                          188.114.96.3
                          		alismus.comEuropean Union
                          		13335CLOUDFLARENETUSfalse
                          23.101.168.44
                          		unknownUnited States
                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          204.79.197.203
                          		unknownUnited States
                          		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                          172.217.16.131
                          		unknownUnited States
                          		15169GOOGLEUSfalse

                          Private

                          IP
                          192.168.2.17
                          192.168.2.16

                          General Information

                          Joe Sandbox version:41.0.0 Charoite
                          Analysis ID:1522702
                          Start date and time:2024-09-30 15:43:03 +02:00
                          Joe Sandbox product:CloudBasic
                          Overall analysis duration:
                          Hypervisor based Inspection enabled:false
                          Report type:full
                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                          Number of analysed new started processes analysed:28
                          Number of new started drivers analysed:0
                          Number of existing processes analysed:0
                          Number of existing drivers analysed:0
                          Number of injected processes analysed:0
                          Technologies:
                          • EGA enabled
                          Analysis Mode:stream
                          Analysis stop reason:Timeout
                          Sample name:Un nouveau document est dsormais disponible_.msg
                          Detection:CLEAN
                          Classification:clean3.winMSG@88/189@25/356
                          Cookbook Comments:
                          • Found application associated with file extension: .msg

                          Warnings

                          • Exclude process from analysis (whitelisted): dllhost.exe, SgrmBroker.exe, svchost.exe
                          • Excluded IPs from analysis (whitelisted): 93.184.221.240, 52.109.28.46, 184.28.90.27
                          • Excluded domains from analysis (whitelisted): fs.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, prod.configsvc1.live.com.akadns.net, ctldl.windowsupdate.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wu.azureedge.net, config.officeapps.live.com, e16604.g.akamaiedge.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, hlb.apr-52dd2-0.edgecastdns.net, officeclient.microsoft.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, europe.configsvc1.live.com.akadns.net, uks-azsc-config.officeapps.live.com
                          • Not all processes where analyzed, report is missing behavior information
                          • Report size getting too big, too many NtOpenFile calls found.
                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                          • Report size getting too big, too many NtQueryValueKey calls found.
                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                          • Report size getting too big, too many NtSetInformationFile calls found.
                          • Report size getting too big, too many NtWriteVirtualMemory calls found.
                          • VT rate limit hit for: Un nouveau document est dsormais disponible_.msg

                          LLM Input / Output

                          InputOutput
                          URL: Email Model: jbxai
                          URL: https://alismus.com/fr Model: jbxai
                          URL: https://alismus.com/fr Model: jbxai
                          Created / dropped Files
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\43603500-a54c-445f-a917-f8cc5a8bb5c2.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:modified
                          Size (bytes):58041
                          Entropy (8bit):6.106082577569263
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\72981c8a-104a-409f-bdec-5a994fc71271.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):48629
                          Entropy (8bit):6.094647842900325
                          Encrypted:false
                          SSDEEP:
                          MD5:ECF42FD6ECA79D40B7223E9D02E98BC4
                          SHA1:FD4925BE42D3B1DEE6719901380190A091846C5B
                          SHA-256:1752632639D5A09C523695BD485084D2E67166EEF5839FF8E771B06422B7776B
                          SHA-512:BE50843A87AD1F436191C2275341E84486D8CFCE5E54B5335F787EB13A20132926AD40CA7AA27E72DFC0BF8CE4DDE80A7B2D4019653B4863B4BB54ED23F95BE4
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1727703879"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\81e4dc98-1b83-43f2-ac16-02571ba3249e.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):48481
                          Entropy (8bit):6.095487743598594
                          Encrypted:false
                          SSDEEP:
                          MD5:C9700F5AF8B853B2CC6F1CD7919F9EF5
                          SHA1:AB39CF01391D0A16CEAC23EE8C2B6B02900D7EF2
                          SHA-256:0357FBB9A161F847311EA497D99DCD33990C78B12690C859AB3B1725234F7026
                          SHA-512:612B12C88C1528CC391477C8B315652A4C15AAB409292CF0F145893C4AFA005357F1B77E3305D50DD666DF803C1812CE9D2C8F03409EB1A70306AAEC3C9E103D
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1727703867"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\97d22a81-1590-4405-a714-de422dda4794.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):48706
                          Entropy (8bit):6.094645653777607
                          Encrypted:false
                          SSDEEP:
                          MD5:55CA11758A9A721F8B6D1F1B30C38358
                          SHA1:D3BCE01DB78E80E26793A8183AB13DBD485F590F
                          SHA-256:9042E8E34590C3714859D0591C8BEE68451C03BF5465B886221AAB133AC34159
                          SHA-512:1F9634C6348FC16597D739E8BB15E1487922A5F42B9EEE690C7C15B6B7B35634EADE679E3B9F8361C8D9394618F485F7180518958968D9E8E13E8AC77D77BABA
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1727703879"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9dc23066-1e09-4b16-bd4f-ce6403d728af.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):48582
                          Entropy (8bit):6.094871352122025
                          Encrypted:false
                          SSDEEP:
                          MD5:63A7449A505BC731D410E77CC6828A6E
                          SHA1:A5814BA7A8A7AC9304A35FF76484DFCF1F93D82D
                          SHA-256:06C38D9C2FAF45B08309B88750E3D16E8225A0B33193F704A8B54DA147BE28A7
                          SHA-512:ABDE15344F73F95153B953900375F584E1E0A976C90DF277BD9B0C7D1E4E13E65DCAEB3E244E1C8E9D3B22EBD58B311D9C0E8863033E50AE60A7577914568290
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1727703879"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66FAAB37-1BCC.pma
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):4194304
                          Entropy (8bit):0.4867246996536817
                          Encrypted:false
                          SSDEEP:
                          MD5:C31FCFBFD03478F8C5E9A59950527EFE
                          SHA1:BE73F6A1451EBF41C2AE664722C2F287E3B998D4
                          SHA-256:863CA35F66C7E9C2C1A132C5339565CE359FFCC6D067C29106E79D8CBB438240
                          SHA-512:372EC380C813889A885E15FCB70A5635DFAA5B1695984158AD0376C6E694660A6E8EBE68197666C281DBB119FAE4694684959F80C4E781D39F6D6CE0752A5CF9
                          Malicious:false
                          Reputation:unknown
                          Preview:...@..@...@.....C.].....@...............P...................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....i.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".wwgmva20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............2......................w..U?:K..>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....+....W@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z............<..8...#...msNurturingAssistanceHomeDependency.....triggered....(..$...
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66FAAB37-1DF8.pma
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):4194304
                          Entropy (8bit):0.03955506451533901
                          Encrypted:false
                          SSDEEP:
                          MD5:3F6B3C056C8E1630D25DDCFAE56E43CF
                          SHA1:CB11334915D919B4226B743A309FF973D9F202FC
                          SHA-256:0538D55F9C6224E6B3EE9AE4238783347161B40CED76C22510D4B429B6A84A30
                          SHA-512:6BD083EEFF7DF6E0CD4284F356CDD4173D96586BB4E4B13BBB95432B14F164EDA24BF530BDA83D147BF3F6371661BAB1186E058EF896DE43F0D914AE2EDA5077
                          Malicious:false
                          Reputation:unknown
                          Preview:...@..@...@.....C.].....@................_...O..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....e.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".wwgmva20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............2......................w..U.>.........."....."...2...".*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....+....W@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z.......................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):280
                          Entropy (8bit):4.175487325473111
                          Encrypted:false
                          SSDEEP:
                          MD5:A7CCECF522C54F332C20F87364541D21
                          SHA1:9BC0158838376771524775C6A21B2C288B85DF29
                          SHA-256:C0DFA7F2AC753029B585282D72FA7FFB637B25EEEABCFABD34F5AFAEF6B52414
                          SHA-512:97384C313176F334940858D10F81EB8863FB373FA3698F7BDCEA125F9DF234FFB7255DCADA1A6A1311F47F1262CDDC0AB58D866F575176A0D8E300BE12CDD874
                          Malicious:false
                          Reputation:unknown
                          Preview:sdPC......................z....K..s...x."1SCRpGKHAwpF5kOwXUUSc/ojBrTkNG2SgkvqW1WE7kI="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7dc5f755-0f90-4102-bc8e-37d02917bdc7............
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\46661eba-13da-48dd-b40d-4a192d395efc.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):11940
                          Entropy (8bit):5.186192427896209
                          Encrypted:false
                          SSDEEP:
                          MD5:F267B483D01EC3F1B2D6D01AE6CBC9C7
                          SHA1:88DEA597AAD9174E5C8CBCDDECDB97DF63756A06
                          SHA-256:1A5651E8489D09CC1B6A19DD64F4ED6DD529B3824A6E58AB232CF292BDA33289
                          SHA-512:18EDDFC5FC3E7CEDB2FA5A6C7CF284EC22FE106C6AF5E537D895BFB9DDA5818ABC074BA57A334185C3437127A37AE7C64C00CD132CD26FC7191AF0F6BEA6A794
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5e6f47f6-8fe4-42cf-b608-b702afe8554a.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):37816
                          Entropy (8bit):5.5558700124252045
                          Encrypted:false
                          SSDEEP:
                          MD5:8903D65B41690560E11348D5DE51D1C9
                          SHA1:C08C8A244FB38B1E28D5E6B8EB5913C77EFCA896
                          SHA-256:BB27B603CA396B9E7977B4326861B281AEBD60E3921D940379650FDBC32FEF68
                          SHA-512:97D0D3942C4CD3D3E9435CECD19D71E1F980D9FFBF010D3DBEF1BB729608380ACCFBFFE0791F0412E3732D1CCA02D95D7A00A97F2D599776F0F53959E5332B79
                          Malicious:false
                          Reputation:unknown
                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13372177463525190","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13372177463525190","location":5,"ma
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8f66c84f-e02e-4fd3-88cd-5773407529df.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):39660
                          Entropy (8bit):5.56232096482061
                          Encrypted:false
                          SSDEEP:
                          MD5:24F90E1C486E47B7381C22E03F7B6BD3
                          SHA1:659440C895CDFAAE7EE9853F52DDB3BDD5027DCD
                          SHA-256:A23B96A01451ADF30BCC7563A7C3C9CEEEEE67CB25FF69D655450C6D7CA6FB56
                          SHA-512:5B2FC12DF80EFA818B15D53B9AFABC569909CF72E7B6B1D08B0E55A3D412E90AA9C3DE49517592A0E8B8C3D05F3AFC877DC8E9961F56CA82D82BA11193035D05
                          Malicious:false
                          Reputation:unknown
                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13372177463525190","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13372177463525190","location":5,"ma
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:modified
                          Size (bytes):2163821
                          Entropy (8bit):5.222900019361397
                          Encrypted:false
                          SSDEEP:
                          MD5:6ECC9E43E9CDBFA1DB4D6D7DFD442A5C
                          SHA1:EFAC48A81DDAEFA3FE51DE4D72076D29FEF7CBBC
                          SHA-256:FEF4584C06FFE47C49273DA5377F8E519C3E6BD4C09BB124CA3ED0A59020F2B5
                          SHA-512:05C84D1BC6320858BC71C24FACF02BB9D0503B2C524157BF44C72ED62EBF3FB9FE23864FCF1290240385B763F7C9B053BF7F0C1D0C2B8838D4562030698BB7AC
                          Malicious:false
                          Reputation:unknown
                          Preview:...m.................DB_VERSION.1...8.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13341056840624329.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{.  "configVersion": 32,.  "PrivilegedExperiences": [.    "ShorelinePrivilegedExperienceID",.    "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",.    "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",.    "SHOPPING_AUTO_SHOW_BING_SEARCH",.    "SHOPPING_AUTO_SHOW_REBATES",.    "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",.    "SHOPPING_AUTO_SHOW_REBATES_DEACTI
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:modified
                          Size (bytes):332
                          Entropy (8bit):5.113525159836042
                          Encrypted:false
                          SSDEEP:
                          MD5:EDC70DE43805B4C00757108932F63951
                          SHA1:3EEECE28D4C86B8DA53BBECBB40631CA48E7461F
                          SHA-256:D76AFC0E1661F3DAA73D88BE148C66048FF57E0A181B7A4DAD534EEA0702334D
                          SHA-512:493400A35232BE8E3ACF95D14C5BD912BEA172914125AC56F5348CF5089A28F8B9A055BF1E148CA2D5A33865803F33CDE7CED302A97212BE5CCC86BC5E10FB36
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:25.992 1d04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/09/30-09:44:25.993 1d04 Recovering log #3.2024/09/30-09:44:26.117 1d04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                          Category:dropped
                          Size (bytes):28672
                          Entropy (8bit):0.47766209111652286
                          Encrypted:false
                          SSDEEP:
                          MD5:35FB625F6C10599ED6A2EE746A89C813
                          SHA1:32685EB42C68D2F992FA7C646CE548F7BDE74FD3
                          SHA-256:8309D56B5F84DD5120F9E6D1C9A86B86A5012D01A31F15C230E4E6486C91150F
                          SHA-512:46E59EF91BC9086050BD86BC415EB7B22855CECD03F25393CE176D46CED8183C91CC0CED3FC9296A4E6535D92E435F5A480EF40D9132E4AABFF46058E7EE3D9A
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                          Category:dropped
                          Size (bytes):10240
                          Entropy (8bit):0.8708334089814068
                          Encrypted:false
                          SSDEEP:
                          MD5:92F9F7F28AB4823C874D79EDF2F582DE
                          SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                          SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                          SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):116
                          Entropy (8bit):4.994010050744163
                          Encrypted:false
                          SSDEEP:
                          MD5:A105E51FE00336B6E15773C6527E666B
                          SHA1:2DB0F6E166BDB55F73C77B649542B9810041B35C
                          SHA-256:4D04DCB4BEE7F0510E10B56602A004B99C94E7C8184058CD1AF09B27E16D2AAB
                          SHA-512:723027F9076E2370CD04EFF88613CBEFF1BCBD721168E7BF53F2EE68E0E6EAF04205FC5D7B177D3BCF37E39A4890711068D3FEB106215FE5695E1ABC6AD2FB7D
                          Malicious:false
                          Reputation:unknown
                          Preview:...m.................DB_VERSION.1g.YL................FLYOUT_STORAGE:.{"personalization_data_consent_enabled":false}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):341
                          Entropy (8bit):5.2100328251674
                          Encrypted:false
                          SSDEEP:
                          MD5:A798CAE138FBD6DB2DADE3C5D657C6D9
                          SHA1:2D04B209100DDD5169A336D81A33034E5A2A66C0
                          SHA-256:059E54FC27CCDF7BDE4786A653548AFB09B7EE3521814D9173C2238892E0508E
                          SHA-512:5CD9F16EFE62F82675832E6AA2C9CC7E64C656CA6061F8D8C3A06F13A690BE20F63248E7FE8B856E19CAAA15818D8E82F150BEF6C6222996AF2FCA9C3932DAC1
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.526 77c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/09/30-09:44:23.526 77c Recovering log #3.2024/09/30-09:44:23.527 77c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                          Category:dropped
                          Size (bytes):20480
                          Entropy (8bit):0.6128512133383508
                          Encrypted:false
                          SSDEEP:
                          MD5:EFDBAED99F3F7F59D4F071EAD711ABA9
                          SHA1:CDF7328EE7BEE965314E7702A47A68F10FCBC2B1
                          SHA-256:7C12BF90B4BAA1724D2B6C898A8413FD4B1E67059125AAE7191512D9773544A3
                          SHA-512:8836A6553E9944469E59A00FE59E134334B7452F67097E78A9170A4A027FFD75D63856AD52BD322526217F933C02B958ED185DDB352D0A2A514D4811FE5ACFC8
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:modified
                          Size (bytes):375520
                          Entropy (8bit):5.354127976620746
                          Encrypted:false
                          SSDEEP:
                          MD5:7B6C8E2B4E0B8A5AC65A4FAB743ADDC8
                          SHA1:3ECFB02FD27E482F0C6C6F2D8B974224EB62C0B5
                          SHA-256:840CEA7A3FC9E16FD2E59F78560BDB2978925737CF73BF72E4541746F24C5599
                          SHA-512:EA29616D11E453ECC461D6E7C954E6653CA09A001C0B2BE711C3086EE91EB1D9D798C2CF83764DC6548090211D175DC257D77C33F1901462E4520189F6AF02B7
                          Malicious:false
                          Reputation:unknown
                          Preview:...m.................DB_VERSION.1HU..q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13372177467212466..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):307
                          Entropy (8bit):5.157949878380457
                          Encrypted:false
                          SSDEEP:
                          MD5:FAD0B3BD5782723A52089CC97C08F8DF
                          SHA1:107ECE9118B7A622741057CAC7685D2AC8AB5521
                          SHA-256:C7FD5A4E2E2C1BDBD233F405092C9C3264983CC6D822E971D7905A86CD70A3EA
                          SHA-512:CDB1E9096704C7622634C3495DD90F51A4ED01D3D0F68A877DA44218BB83FC28F6FB8CCBE7390AA150C5FE5980ECBD5C1914844FB48BE0D20F6B4F6597569B4F
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:26.030 1770 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/09/30-09:44:26.140 1770 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:modified
                          Size (bytes):358860
                          Entropy (8bit):5.324621967217958
                          Encrypted:false
                          SSDEEP:
                          MD5:17675F186D21847B04165F3BEF3CAF5D
                          SHA1:52365362A19B79FCA13C74A968A8600413677A29
                          SHA-256:AAE3B786387991C6D3579A63BAA4E3432474780ABD912AF668FDC4A9D4477C6C
                          SHA-512:229B00C4DB184873DE0F5354FB2767A24967BB12D9600A1F203579A8253B717307901A1C2413FDF66722123FDF8289EBBB0D3A80E6FC53392952084AE7D2C391
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):418
                          Entropy (8bit):1.8784775129881184
                          Encrypted:false
                          SSDEEP:
                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                          Malicious:false
                          Reputation:unknown
                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):317
                          Entropy (8bit):5.1452751991796815
                          Encrypted:false
                          SSDEEP:
                          MD5:48FC7995ACCEBCC9976B82EF957C0C9C
                          SHA1:50B6273E4FDA6CE9AC2D8C001549C5AEA675D7F1
                          SHA-256:25691626C660FB53A2B2A31CE9842DBC7CE801BB8CE17838A27F22071E2F0167
                          SHA-512:BE069958BD49223416CEC27359CA9A53B7E78F110FDEB913B35599061B019CBEC304CD9793F71931E4464B0034CC8584FF5B16FD562272BCD2CC145B13FACA07
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.529 77c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/09/30-09:44:23.530 77c Recovering log #3.2024/09/30-09:44:23.530 77c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):321
                          Entropy (8bit):5.193535317560455
                          Encrypted:false
                          SSDEEP:
                          MD5:114A1C1B83BE208E3EA7F02DA3EFF446
                          SHA1:6818AB158EE8F088B6E76FFBD29114E040DAF5A3
                          SHA-256:869D4C5EAD4E5FC9024E068221D798A26AF663BCD2B398E263EB38BD645A1125
                          SHA-512:64F6870A42A41EE910EA957CDF81431CA15D0CD0611328ED764F8D39C41BF7974F78AA69EC0C96F26640A5444EA67B8906918E8BB4E833EE64DA375EAB731EE8
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.564 77c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/09/30-09:44:23.565 77c Recovering log #3.2024/09/30-09:44:23.565 77c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):1254
                          Entropy (8bit):1.8784775129881184
                          Encrypted:false
                          SSDEEP:
                          MD5:826B4C0003ABB7604485322423C5212A
                          SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                          SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                          SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                          Malicious:false
                          Reputation:unknown
                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):317
                          Entropy (8bit):5.083943655093253
                          Encrypted:false
                          SSDEEP:
                          MD5:CF2370BAADAD814E47D38D27167E1213
                          SHA1:065FED3B1F015B0559F31E13162AA2A7D75814C9
                          SHA-256:6B541CB22EC7212502A27D0951ED874DCE4E6A3DEBECF72BCCDF942133D84819
                          SHA-512:8B9814A8B8299A8060B5818500C9F83E5BAEB25A49823C7146F6075DEC86058289202F6D76B013FD7955F106D1CB208F43CA700528FCA3F455DB0F12A83C4950
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:24.059 540 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/09/30-09:44:24.060 540 Recovering log #3.2024/09/30-09:44:24.060 540 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):429
                          Entropy (8bit):5.809210454117189
                          Encrypted:false
                          SSDEEP:
                          MD5:5D1D9020CCEFD76CA661902E0C229087
                          SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                          SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                          SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                          Malicious:false
                          Reputation:unknown
                          Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 11, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                          Category:dropped
                          Size (bytes):24576
                          Entropy (8bit):2.351772164127263
                          Encrypted:false
                          SSDEEP:
                          MD5:4D0C687C04D8BB45A969C1183A810E0F
                          SHA1:CA179776BB00B502317422CFCCC6EAD9AAC807FD
                          SHA-256:2FEC8E470DD54C3816AB14AD9F23D79DAA433616E96D5F5B61DF6DB90369F1A4
                          SHA-512:0B4748AE80751D36C4BEE2522DB644010B8E26D833751AFA428F8D00F27D9B6E7076546DCBF162CCF23FC708858F783EFA92DF9571DFCC25AC605A9E0F07CDBD
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                          Category:dropped
                          Size (bytes):155648
                          Entropy (8bit):0.6629987899219594
                          Encrypted:false
                          SSDEEP:
                          MD5:50FE5F759C951261F8D619B00B433945
                          SHA1:FE1543558B6F600A1758680C9ACD0A9896F188B1
                          SHA-256:35EF5FF96B5A810BB2EB32234204C08CBC32709DFFCEC71F49E8002FE147B9B5
                          SHA-512:E0F2C5E50DE8F2D928461CB7914A1C59B909E29D0EF7F55E507513DC4DD0120FB65F27C0615BBE46F99675C1F7D187673A9ACCB98C5A594DCBF531DDEDE1A855
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):8720
                          Entropy (8bit):0.2191763562065486
                          Encrypted:false
                          SSDEEP:
                          MD5:BFFCA4ADC1E0E51D4E66DF92A1D03F03
                          SHA1:5EBFF924B83E0329F658CCAAFFE184EA836C326F
                          SHA-256:543C961813FB99C3D5EA869715DB976CFF3C7A096C5833E1A4C99AADAB12D793
                          SHA-512:D964502DBCE3A296C94A1EBD7DC51F60E0770DE82CBC6D5475E120CFCB87D7E8B16EA8AE008A5CC47D204F81C0876E50B7DF413C3641A55857A6486CBBEB69FB
                          Malicious:false
                          Reputation:unknown
                          Preview:............5......&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:3D8183370B5E2A9D11D43EBEF474B305
                          SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                          SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                          SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "current_locale": "en-GB",..   "hub_apps": [ {..      "auto_show": {..         "enabled": true,..         "fre_notification": {..            "enabled": true,..            "header": "Was opening this pane helpful to you?",..            "show_count": 2,..            "text": "Was opening this pane helpful to you?"..         },..         "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",..         "settings_title": "Automatically open Bing Chat in the sidebar",..         "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {..            "show_count_basis": "signal",..            "signal_name": "IsMsnArticleAutoOpenFromP1P2",..            "signal_threshold": 0.5..         } ],..         "triggering_configs|flight:msUndersidePersistentChat": [ {..            "signal_name": "IsUndersidePersistentChatLink",..            "signal_threshold": 0.5..         } ],..         "triggering_co
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                          Category:dropped
                          Size (bytes):45056
                          Entropy (8bit):3.5492162583208913
                          Encrypted:false
                          SSDEEP:
                          MD5:F7C62C8E9863419A05518B439A6D7228
                          SHA1:46C2322112B8F1CD62535DB4883D036BA364F62C
                          SHA-256:11DB10FD21048AF884927F3834BF1E53605BCE92C10C67EFD7E8CDF90A8C5694
                          SHA-512:70E98510F73DC5E3D6D1EBAD295470D9AE027D16CE4DF6D1E94952355D2A93494DBAD479D0027058A8A3C8008CA1ED320503702F6313044961F4D2C2D46AFE3A
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):401
                          Entropy (8bit):5.187843928050802
                          Encrypted:false
                          SSDEEP:
                          MD5:278F6097FD7BE2DE1724E89CD9D7FC50
                          SHA1:55E02D638DDED759CBE8F30675C74A5196D924BE
                          SHA-256:42512BCDC3275B0D6A106CAD2F941A9913A72839A2F252F74D47BD7C6D3C8CCB
                          SHA-512:5D2A699CC47483CF10E39CEDB5B3026C2728A666A72C7A2E0E337F5BED6BFCA425895F93EEEE2CF03F376000D7AC1DD259FD5A0CC97F0F0DC83E6151C42E536A
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:24.443 540 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/09/30-09:44:24.444 540 Recovering log #3.2024/09/30-09:44:24.444 540 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):1845
                          Entropy (8bit):5.725807477116862
                          Encrypted:false
                          SSDEEP:
                          MD5:B3D1C8020ABC3F407C4EBF41D8687846
                          SHA1:7A87B65AD0A94A82B375C0251225892048B93D8F
                          SHA-256:1AD4521F9C0B0089A6BB532CB2A3469C3D04F5B012B296C9AB7B196F6191AE03
                          SHA-512:38E57C9686DFF3FCED25E19ABEA57043A82CC9177F4653E27ADE4284A665F6C764BD440BD4663E9F30E638653BD139231DEA9911CE4FDA8DD07C5626797E6BE0
                          Malicious:false
                          Reputation:unknown
                          Preview:}D1..................VERSION.1..META:https://ntp.msn.com.............!_https://ntp.msn.com..LastKnownPV..1727703880161.._https://ntp.msn.com..MUID!.2198A91F213968FB14F7BC1520916950.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"ntp":"20240927.391"}.#_https://ntp.msn.com..selectedPivot..myFeed.#_https://ntp.msn.com..switchedPivot..myFeed.!_https://ntp.msn.com..storageTestp?.r3................META:https://apps.microsoft.com.........+."_https://apps.microsoft.com..webId%.73a0d48e-ca5f-4ca8-b277-51ff480b2036.V_https://apps.microsoft.com..Mon Sep 30 2024 09:44:53 GMT-0400 (Eastern Daylight Time).V_https://apps.microsoft.com..Mon Sep 30 2024 09:44:54 GMT-0400 (Eastern Daylight Time).;E.x................META:https://www.microsoft.com...........#_https://www.microsoft.com.._uetsid!.306921307f3211ef860e673c6bee2929.'_https://www.microsoft.com.._ue
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):329
                          Entropy (8bit):5.0855897063039865
                          Encrypted:false
                          SSDEEP:
                          MD5:09F3D7821063F02236F642CEB8B46B69
                          SHA1:500B226AA24E25C3A50903246CA22201A5D99013
                          SHA-256:79C61849D6A7F87F3F12B4FB5B40E0D3F157C4945CF0CBA3F2182BDB8498D7DC
                          SHA-512:A22637DEAF4408AD1B9844BF32C14B6EF6A949C3B3F4FDCDA84643B8330AB26DC3DFBCB53B24DD5422B6425CA52FC79540C354871650C06394DE00FED389053A
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.633 e40 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/09/30-09:44:23.634 e40 Recovering log #3.2024/09/30-09:44:23.637 e40 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 4
                          Category:dropped
                          Size (bytes):45056
                          Entropy (8bit):0.48143685780059464
                          Encrypted:false
                          SSDEEP:
                          MD5:BE210FE3079B56CCC11E0BA116D0FD5A
                          SHA1:7FAD7D403F7AF8A9F65EE3F9B4C72B60567C1207
                          SHA-256:57CD0962E53C51277A88A4FA07CEB04DF13C63B5D04CEE470C11AC840EC95497
                          SHA-512:F74D553BB73CADC5662094A38077F94A735A51A6F428798CBBAA147EF894CDF890CFC895AF548E407D0329963D5FEB023E27E8B2B761E0D5487AD12CD49F9D14
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j.......=......\.t.+.>...,...=........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\5eb025c1-b3a3-414e-92bf-05efe9f5c39f.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):40
                          Entropy (8bit):4.1275671571169275
                          Encrypted:false
                          SSDEEP:
                          MD5:20D4B8FA017A12A108C87F540836E250
                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                          Malicious:false
                          Reputation:unknown
                          Preview:{"SDCH":{"dictionaries":{},"version":2}}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7d916ced-780c-4255-95db-1df146c07226.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1594
                          Entropy (8bit):5.270752833746641
                          Encrypted:false
                          SSDEEP:
                          MD5:DAD591F2DAF7765B1D47F4015BC7E810
                          SHA1:F43B56586BEE60164B848B3F2AC1BD96F8BD309C
                          SHA-256:77BC846E8A3644D18C821646E7CF246638625BF0BA82F70423F5344A07F580DD
                          SHA-512:DEA7E2D0E252D55FD86F28311301505E01C23BD24D6771009F316B2203B7DAA9C1C15DAAECF66CE853CEC8AF1B68B87CD04DEE7BC308738E407577E0B1047D13
                          Malicious:false
                          Reputation:unknown
                          Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13374769465646062","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13374769466642794","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372263901067862","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://connect.facebook.net"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372263903980908","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://www.facebook.com"},{"alternative_serv
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 8, cookie 0x5, schema 4, UTF-8, version-valid-for 9
                          Category:dropped
                          Size (bytes):32768
                          Entropy (8bit):3.426417245214903
                          Encrypted:false
                          SSDEEP:
                          MD5:AC0108729B216C2CC19B17C68D6192F1
                          SHA1:1DE9EAA98A83F627C7F63BDDE3CBE4AC6FB9ECDB
                          SHA-256:C2A13C432BC6BD1FF80FF8BD258C5B2C356BED94AAF64A1F1DE6A5FF8A0D7C5D
                          SHA-512:9A89710D2CBB5ADBC182FA1E80C8F6641862C875E15B65D711E5B8A0E8DFE82182B4A110D2FC8060C3142B42C9DBBDD8C789EBD88156E12AD6BA4D74794862A2
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:285252A2F6327D41EAB203DC2F402C67
                          SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                          SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                          SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                          Malicious:false
                          Reputation:unknown
                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3bc5c.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:285252A2F6327D41EAB203DC2F402C67
                          SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                          SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                          SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                          Malicious:false
                          Reputation:unknown
                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
                          Category:dropped
                          Size (bytes):36864
                          Entropy (8bit):2.475092577205196
                          Encrypted:false
                          SSDEEP:
                          MD5:6DA0E12BB4F1DB7FFF9644DA94DE745B
                          SHA1:19EDEC3E80F4424D886D1FD4BBFE72CA48543F51
                          SHA-256:23BC5070204E2CFF5AB8A3D2AF64396DED167A623DB9D554CE775E16C5C8E476
                          SHA-512:8A85B02C0A63387CEC4B3FD6BB24A3D75CE59EF661FAD2589DF3BC23298E275C06DE683E8CF77F309E67BD04A71D4B4B7351A765957EA0493E61B567B01186AC
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:20D4B8FA017A12A108C87F540836E250
                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                          Malicious:false
                          Reputation:unknown
                          Preview:{"SDCH":{"dictionaries":{},"version":2}}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:0AED579890D85D7C56342FD41E4C6738
                          SHA1:DB6D68388F7BAFB830B18778AB23A7ADFC58C20C
                          SHA-256:1EA282E378FD235ABD621505619DC377789B1B5E401B8142B7261B46DACF4478
                          SHA-512:621EBB3CFA9CA78BA91C240963D9FE9F0829B9F5E8FC212A8421419219229ED316B4F9CFA7542B5EC0619C376A18C2C8CC0E68B1B41BFB239C8D46C619CC01A6
                          Malicious:false
                          Reputation:unknown
                          Preview:{"sts":[{"expiry":1759239901.068309,"host":"+loO+DGmT6DTr59JZFAnGSlBAwPkO5M/R9ec1Sw/9KA=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1727703901.068314}],"version":2}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\de46aa9c-addc-4ee9-bf1a-5efebfbbac2d.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):188
                          Entropy (8bit):5.413658365413304
                          Encrypted:false
                          SSDEEP:
                          MD5:0AED579890D85D7C56342FD41E4C6738
                          SHA1:DB6D68388F7BAFB830B18778AB23A7ADFC58C20C
                          SHA-256:1EA282E378FD235ABD621505619DC377789B1B5E401B8142B7261B46DACF4478
                          SHA-512:621EBB3CFA9CA78BA91C240963D9FE9F0829B9F5E8FC212A8421419219229ED316B4F9CFA7542B5EC0619C376A18C2C8CC0E68B1B41BFB239C8D46C619CC01A6
                          Malicious:false
                          Reputation:unknown
                          Preview:{"sts":[{"expiry":1759239901.068309,"host":"+loO+DGmT6DTr59JZFAnGSlBAwPkO5M/R9ec1Sw/9KA=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1727703901.068314}],"version":2}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\eab80360-2957-497e-8a6d-a6e7dff3d007.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):111
                          Entropy (8bit):4.718418993774295
                          Encrypted:false
                          SSDEEP:
                          MD5:285252A2F6327D41EAB203DC2F402C67
                          SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                          SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                          SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                          Malicious:false
                          Reputation:unknown
                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                          Category:dropped
                          Size (bytes):20480
                          Entropy (8bit):0.5743529459392946
                          Encrypted:false
                          SSDEEP:
                          MD5:558A3F8C86B4E6580B54E8F7FA7E3DAF
                          SHA1:BE2CA20287B762D66037530A721A825786816845
                          SHA-256:4821B776B0FDC4190DB1B261174F6C2D664DD45F3C0D77FE359D7B63FF64609C
                          SHA-512:BF743179D9448C8BF2256EEA447CD43FB1440C620CD57F8C72A71BED0995F2590FAE177426AF38211E9ADEADD3A0A023AAFA91517907F1AFF5F3A7794CBFD143
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F267B483D01EC3F1B2D6D01AE6CBC9C7
                          SHA1:88DEA597AAD9174E5C8CBCDDECDB97DF63756A06
                          SHA-256:1A5651E8489D09CC1B6A19DD64F4ED6DD529B3824A6E58AB232CF292BDA33289
                          SHA-512:18EDDFC5FC3E7CEDB2FA5A6C7CF284EC22FE106C6AF5E537D895BFB9DDA5818ABC074BA57A334185C3437127A37AE7C64C00CD132CD26FC7191AF0F6BEA6A794
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2f802.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F267B483D01EC3F1B2D6D01AE6CBC9C7
                          SHA1:88DEA597AAD9174E5C8CBCDDECDB97DF63756A06
                          SHA-256:1A5651E8489D09CC1B6A19DD64F4ED6DD529B3824A6E58AB232CF292BDA33289
                          SHA-512:18EDDFC5FC3E7CEDB2FA5A6C7CF284EC22FE106C6AF5E537D895BFB9DDA5818ABC074BA57A334185C3437127A37AE7C64C00CD132CD26FC7191AF0F6BEA6A794
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF320d7.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F267B483D01EC3F1B2D6D01AE6CBC9C7
                          SHA1:88DEA597AAD9174E5C8CBCDDECDB97DF63756A06
                          SHA-256:1A5651E8489D09CC1B6A19DD64F4ED6DD529B3824A6E58AB232CF292BDA33289
                          SHA-512:18EDDFC5FC3E7CEDB2FA5A6C7CF284EC22FE106C6AF5E537D895BFB9DDA5818ABC074BA57A334185C3437127A37AE7C64C00CD132CD26FC7191AF0F6BEA6A794
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF34a97.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F267B483D01EC3F1B2D6D01AE6CBC9C7
                          SHA1:88DEA597AAD9174E5C8CBCDDECDB97DF63756A06
                          SHA-256:1A5651E8489D09CC1B6A19DD64F4ED6DD529B3824A6E58AB232CF292BDA33289
                          SHA-512:18EDDFC5FC3E7CEDB2FA5A6C7CF284EC22FE106C6AF5E537D895BFB9DDA5818ABC074BA57A334185C3437127A37AE7C64C00CD132CD26FC7191AF0F6BEA6A794
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3b3ff.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F267B483D01EC3F1B2D6D01AE6CBC9C7
                          SHA1:88DEA597AAD9174E5C8CBCDDECDB97DF63756A06
                          SHA-256:1A5651E8489D09CC1B6A19DD64F4ED6DD529B3824A6E58AB232CF292BDA33289
                          SHA-512:18EDDFC5FC3E7CEDB2FA5A6C7CF284EC22FE106C6AF5E537D895BFB9DDA5818ABC074BA57A334185C3437127A37AE7C64C00CD132CD26FC7191AF0F6BEA6A794
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:8903D65B41690560E11348D5DE51D1C9
                          SHA1:C08C8A244FB38B1E28D5E6B8EB5913C77EFCA896
                          SHA-256:BB27B603CA396B9E7977B4326861B281AEBD60E3921D940379650FDBC32FEF68
                          SHA-512:97D0D3942C4CD3D3E9435CECD19D71E1F980D9FFBF010D3DBEF1BB729608380ACCFBFFE0791F0412E3732D1CCA02D95D7A00A97F2D599776F0F53959E5332B79
                          Malicious:false
                          Reputation:unknown
                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13372177463525190","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13372177463525190","location":5,"ma
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF30792.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:8903D65B41690560E11348D5DE51D1C9
                          SHA1:C08C8A244FB38B1E28D5E6B8EB5913C77EFCA896
                          SHA-256:BB27B603CA396B9E7977B4326861B281AEBD60E3921D940379650FDBC32FEF68
                          SHA-512:97D0D3942C4CD3D3E9435CECD19D71E1F980D9FFBF010D3DBEF1BB729608380ACCFBFFE0791F0412E3732D1CCA02D95D7A00A97F2D599776F0F53959E5332B79
                          Malicious:false
                          Reputation:unknown
                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13372177463525190","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13372177463525190","location":5,"ma
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):2119
                          Entropy (8bit):5.934769421683774
                          Encrypted:false
                          SSDEEP:
                          MD5:E01F9FA3DDC520FF2549374AFBB503A0
                          SHA1:88C4C3B34CD12747CACA24E9F3B9751369F17FF8
                          SHA-256:9BCAA91958FA2DB61878F007EE54D805D66491D2BA00E76B19FF21D54497C9DA
                          SHA-512:119DB41B3BA6AA3C1DC627BBC53002FC8DC5C49F51FE9EA7152D0EF194BFDF94120CAB687DBB092362F250343473368413F463C8813E7D8CD75D25EDD217A040
                          Malicious:false
                          Reputation:unknown
                          Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2"..x2................URES:1...INITDATA_NEXT_RESOURCE_ID.2.J...................INITDATA_NEXT_REGISTRATION_ID.2..INITDATA_NEXT_VERSION_ID.2.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.1......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true .(.0.8.......@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h.!p.x................................REGID_TO_ORIGIN:1.https://ntp.msn.com/..RES:1.1.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackV
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):293
                          Entropy (8bit):5.196576981057914
                          Encrypted:false
                          SSDEEP:
                          MD5:EA14359DB780ECF0D0913FFAA2CEF054
                          SHA1:5E01B5EC02D4B401C2D14FAEDCFA46862323171B
                          SHA-256:27A51BDFFEEC35397B879D215DBACA394D38DAA6F113B4659AC81BF400C933BC
                          SHA-512:C4426C7258AD9D61B1715C66E964C36D1652AD4C8D1A4DB6152A4A582256EBE9C39FF410D671EB40072EB4ABDAF3D8A0C61AFD40349E6FD11C4C0849ACA3D3A2
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:52.353 678 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/09/30-09:44:52.363 678 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):75531
                          Entropy (8bit):5.213543613883974
                          Encrypted:false
                          SSDEEP:
                          MD5:D0F6FFDAF5D6A9A1D207E7E05646B895
                          SHA1:DD2F1FD48E729E8CFEDD691B691717652DCEF971
                          SHA-256:4E85406E3C5B93477F025C30E9AA4969AA630E496668FD6275A9660FA648FE45
                          SHA-512:262D1255D376FB330E83253351BC3A7AC1264D6E83A18185F87EE03CE7E423D71EB0349F79CE87AF9277360A310DA2AB2BE3A1E0407F02C5FA38E212B54D3D3B
                          Malicious:false
                          Reputation:unknown
                          Preview:0\r..m..........rSG.....0try {.  self["workbox:core:6.6.0"] && _();.} catch {.}.const ee = (s, ...e) => {.  let t = s;.  return e.length > 0 && (t += ` :: ${JSON.stringify(e)}`), t;.}, te = ee;.class h extends Error {.  /**.   *.   * @param {string} errorCode The error code that.   * identifies this particular error..   * @param {Object=} details Any relevant arguments.   * that will help developers identify issues should.   * be added as a key on the context object..   */.  constructor(e, t) {.    const a = te(e, t);.    super(a), this.name = e, this.details = t;.  }.}.try {.  self["workbox:routing:6.6.0"] && _();.} catch {.}.const $ = "GET", L = (s) => s && typeof s == "object" ? s : { handle: s };.class C {.  /**.   * Constructor for Route class..   *.   * @param {workbox-routing~matchCallback} match.   * A callback function that determines whether the route matches a given.   * `fetch` event by returning a non-falsy value..   * @param {workbox-routing~handlerCallback} handler A cal
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):81449
                          Entropy (8bit):6.138047664179565
                          Encrypted:false
                          SSDEEP:
                          MD5:B6A0303A5BBA1AC0CDF507CDFFA44BD4
                          SHA1:8892A046DD703034341374920E8C2771AAB48BB6
                          SHA-256:AD41D9B5135458516938BF8C8D44C466EE6C9BE96B624A81CE7ECAD614927851
                          SHA-512:767B152E7D851BE73B5E64867AA9A866323985E78028B8E700528F9D5509ACAC93A4D4A971C0DDB22F6DB794710B07E6E6513090EB7C8E591BB84860967B5ABB
                          Malicious:false
                          Reputation:unknown
                          Preview:0\r..m..........rSG.....0....Lp.................;&......*.=.......,T.....`(......L`.....1.L`.....,T..`.....<L`......Sb...............`.......Sb.`......n.....Rb.:......ee....Rbv.j8....te................q...Rb*......se....Rbz.J....ae....Rb*z.A....ne..........Rb:. \....re...........Rb.#.....ie........Rb.......oe....q...RbV&~.....ue....q.......RbZ.,.....de....Rb^.i.....fe....1...Rb...{....me....1...1.................q...q.......Rb........ke....Rb6q......Le.......Rb..0.....De....1.......RbJ..<....Ue....Rb...E....Pe....q...Rb.6]t....Ne....Rb.c=.....Se....RbZ..O....Ke....1.......RbF..N....We.......1...Rb..A.....qe....Rb"E.t....Qe....Rb..J>....Ge....Rb.L......ze...............................................................................................................................................................................................................................Ib........L,....b....A...r...,T.8.`......L`......Rb.4.....url...r........Dh............-....-......
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):111833
                          Entropy (8bit):5.580742148740418
                          Encrypted:false
                          SSDEEP:
                          MD5:F144C36B614D22EAB91BAD5AEBD12202
                          SHA1:3F3D67A4F24AAC42A81AFD32FD7EA8F6665065F8
                          SHA-256:2BD2A5BB9725E97460389E555E75544D023912C531D2DCB5C85C9990D48E17B7
                          SHA-512:FF9E3B7C59D79E7984945F0B065F106C3799AB14FE60C480D586A81ED62A5904B2DAEBE605FA2A6BD4C68DE1FDB803A46F84F052D4599CDE883A0C386F5360CD
                          Malicious:false
                          Reputation:unknown
                          Preview:0\r..m..........V.......1!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):185553
                          Entropy (8bit):6.3779824519877675
                          Encrypted:false
                          SSDEEP:
                          MD5:2EF8EB260F4D62CF59C8811DC5155502
                          SHA1:9F6357ED5F5362BC485D36B16C6E9B2B047929B8
                          SHA-256:78F4C1AA4BEFDCC2869A4B3E98D72C263E314626A88F1C26A1DB90E3CFD6AD11
                          SHA-512:8246A5B9E623D0EDF866689CF0C3EF40BD476B126D6225FCD5F6D0D708563D21C5BA592BC43FCE564B07E323BF88CA934EDB3BDB02BFB5E31C84BFF78CCB53E5
                          Malicious:false
                          Reputation:unknown
                          Preview:0\r..m..........V.......1....Lp.................;......*x........,T.8..`,.....L`.....,T...`......L`......Rc..I.....exports...Rc..."....module....Rc.9.X....define....Rb......amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H......5.Q.1.&;7,(...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=truea........Db............D`.....A..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da.....E...,T.`.`z.....L`..........a............a.........Dr8................/....-.......}....4.........../...-..........\....-........(Sb.............q.`..
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):96
                          Entropy (8bit):3.690998297273112
                          Encrypted:false
                          SSDEEP:
                          MD5:95FBD6183DE1934714EAD69E7CE7AC9A
                          SHA1:46A6D12C9741F51CABB7BD01C5B62E3ACA17007C
                          SHA-256:96CBA36D689A987ACC649318600E083192BBAF69D8AB3264A34C53F4A0A34FE3
                          SHA-512:A9976237CEED705303FE4024D764730CB82F1D14438372FC456A7DEE6D1A7DFD87D71729927BBF0897AA8A63B4F4F872CD97A34CEF9771C37A7426447B25094C
                          Malicious:false
                          Reputation:unknown
                          Preview:X....<..oy retne........................5j.+y..L.................X....,.........f.......o.../.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F50DB406232AB677F0D37BB72346E42E
                          SHA1:BCFAAE5172D545C21B256EE22F25D5D020C9464D
                          SHA-256:AEB0F6760253664F5E04BD61854D5B94798B04A71F519492B39165628379F6D2
                          SHA-512:FBD8E24F5E9CFEA042738C8579D3481E5032FD67D0F1E1A77CB9674596B51A54A4AD1902EB63223B4DBAAB559D9799FF88B00B1D72D582C5C5F38089A55BBD68
                          Malicious:false
                          Reputation:unknown
                          Preview:(.....(oy retne........................iAN../.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF36533.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F50DB406232AB677F0D37BB72346E42E
                          SHA1:BCFAAE5172D545C21B256EE22F25D5D020C9464D
                          SHA-256:AEB0F6760253664F5E04BD61854D5B94798B04A71F519492B39165628379F6D2
                          SHA-512:FBD8E24F5E9CFEA042738C8579D3481E5032FD67D0F1E1A77CB9674596B51A54A4AD1902EB63223B4DBAAB559D9799FF88B00B1D72D582C5C5F38089A55BBD68
                          Malicious:false
                          Reputation:unknown
                          Preview:(.....(oy retne........................iAN../.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF3c015.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:F50DB406232AB677F0D37BB72346E42E
                          SHA1:BCFAAE5172D545C21B256EE22F25D5D020C9464D
                          SHA-256:AEB0F6760253664F5E04BD61854D5B94798B04A71F519492B39165628379F6D2
                          SHA-512:FBD8E24F5E9CFEA042738C8579D3481E5032FD67D0F1E1A77CB9674596B51A54A4AD1902EB63223B4DBAAB559D9799FF88B00B1D72D582C5C5F38089A55BBD68
                          Malicious:false
                          Reputation:unknown
                          Preview:(.....(oy retne........................iAN../.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):27521
                          Entropy (8bit):3.771708790180472
                          Encrypted:false
                          SSDEEP:
                          MD5:BA1818996B41720774B4A7C099ADDCCB
                          SHA1:DB2DCFAC729559ECB26DC8D23851E2349DE9FB2A
                          SHA-256:FF07F373A21FF03B492B0C2DCC7DA6819BBEE17A6B36FCAF50B73F51D0A432F9
                          SHA-512:F3C6EC699900B29D3271EB4D3E996DC390858B3C1483DAFE962CD5B0DDD97D8F6FD4230B83B07E3D9AA9EAB8005425B87BB589D109CE95435BA3BF07852A407B
                          Malicious:false
                          Reputation:unknown
                          Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f................K..b................next-map-id.1.Cnamespace-9de103c1_b005_439e_a25b_49c2103a703c-https://ntp.msn.com/.0.#..h................next-map-id.2.Inamespace-f0cf5438_dc47_4a4f_9e7d_0558d03b4273-https://www.microsoft.com/.1. .................. .................. .................. .................(..q.................map-0-shd_sweeper.%{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.h.p.-.d.i.s.p.o.l.l.,.a.d.s.-.t.u.n.i.n.g.2.,.s.i.d.-.n.e.w.-.c.l.i.d.,.s.i.d.-.w.1.-.a.d.d.g.n.o.i.s.e.,.s.i.d.-.w.3.-.a.d.d.g.n.o.i.s.e.,.s.i.d.a.m.o.-.w.1.-.u.n.i.-.s.t.a.g.e.-.2.,.s.i.d.a.m.o.-.w.3.-.u.n.i.-.s.t.a.g.e.-.2.,.p.r.g.-.i.n.f.o.p.-.a.d.s.-.d.l.-.t.2.,.p.r.g.-.1.s.w.-.s.a.v.a.n.i.l.l.a.p.r.o.d.,.p.r.g.-.1.s.w.-.a.b.o.r.t.w.v.2.,.p.r.g.-.p.w.-.b.h.p.c.a.1.t.,.p.r.g.-.1.s.w.-.s.a.x.a.i.v.2.,.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):317
                          Entropy (8bit):5.075846882635251
                          Encrypted:false
                          SSDEEP:
                          MD5:30CBD9FC5A1DC079172F7F329C8FE834
                          SHA1:E7996FE0B06E9F4EA1EA205A9CD69CA153AE7C26
                          SHA-256:5DA4FFBED6FD6431EC07A4C2C9350C70EE19A9A27562FBD4BF321F6076645451
                          SHA-512:EEF35FC7E519B3E815EEC5F01C208C9279E31C9D749A573A550C120C49FF4415F8D0089FAF96C928C684C711728660D00FC9588B293D92A4D1AFB54CA430E2CA
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.879 e40 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/09/30-09:44:23.889 e40 Recovering log #3.2024/09/30-09:44:23.893 e40 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13372177466036696
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):20105
                          Entropy (8bit):3.652501588312318
                          Encrypted:false
                          SSDEEP:
                          MD5:8239F41E1B82B97848523F1327F4B2A6
                          SHA1:5D5FCDA993A59D1E241F1FBB071C88A23773604F
                          SHA-256:0B5D4BEC868945C9FDCF7B77481C504F36BC0D8E6AF65F116E1C50C92680EA76
                          SHA-512:BFA00EF864009F4D74EA43B60D5B9C700A60DBE5D54F1F91EE14315A428966DBFE3760B1919120E3593B6F45FAFE33BEC934E159B965FDEC624057F7BF2B2CBF
                          Malicious:false
                          Reputation:unknown
                          Preview:SNSS.......\owr...........\owr......"\owr...........\owr.......\owr.......]owr.......]owr....!..]owr...............................\owr]owr1..,...]owr$...9de103c1_b005_439e_a25b_49c2103a703c...\owr.......]owr.....DQ........\owr...\owr.......................\owr.......................]owr....1..,...]owr....b...file:///C:/Users/user/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/0YSE14NI/email.mht..............!...............................................................X...............`...............X.......c..gV#..d..gV#......................................................................................b...f.i.l.e.:./././.C.:./.U.s.e.r.s./.c.a.l.i./.A.p.p.D.a.t.a./.L.o.c.a.l./.M.i.c.r.o.s.o.f.t./.W.i.n.d.o.w.s./.I.N.e.t.C.a.c.h.e./.C.o.n.t.e.n.t...O.u.t.l.o.o.k./.0.Y.S.E.1.4.N.I./.e.m.a.i.l...m.h.t.....................................8.......0.......8....................................................................... ................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                          Category:dropped
                          Size (bytes):20480
                          Entropy (8bit):0.44194574462308833
                          Encrypted:false
                          SSDEEP:
                          MD5:B35F740AA7FFEA282E525838EABFE0A6
                          SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                          SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                          SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):345
                          Entropy (8bit):5.117556493585802
                          Encrypted:false
                          SSDEEP:
                          MD5:CD4B664C2F0ECE31496DFFB288FDC188
                          SHA1:3FB9012DDA14D6FC2193E921C1CCCBD865A1B74F
                          SHA-256:984D311BBCA9BF98CC326AD8B9E04D0D6BE3AB6135C84A7ACC2BB61C536481ED
                          SHA-512:428EB8D1C8A83FD2AE1A86494BE9836383EC9DC68DD80E9E6D1B013D4D7200ECA837FC7A2B5D04976F53C9B8025B2AAEC6FE01FEDC17C980B5274BE68D8A9C75
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.548 79c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/09/30-09:44:23.549 79c Recovering log #3.2024/09/30-09:44:23.550 79c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):427
                          Entropy (8bit):5.138867093733546
                          Encrypted:false
                          SSDEEP:
                          MD5:CC974AC53CAB3904DDE354FCC099F742
                          SHA1:9D11012AA7D2FA8129D357BF5DA88FAF0A51A5DD
                          SHA-256:856D24DBEC5ED91687E3C4DDB6EE0C1C18A898D50B0A7E891F549D4F0115DD62
                          SHA-512:B46A9461C736F79DC9364666AA3B986431C8FE4B08F6D61B6D0F0B27620D7F8F3F7E06691EA96E41FEBF5E29860F3CCD7F8348C6DFE5402B39BFBF3A8E48C109
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:24.017 e40 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/09/30-09:44:24.020 e40 Recovering log #3.2024/09/30-09:44:24.023 e40 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):80
                          Entropy (8bit):3.4921535629071894
                          Encrypted:false
                          SSDEEP:
                          MD5:69449520FD9C139C534E2970342C6BD8
                          SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                          SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                          SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                          Malicious:false
                          Reputation:unknown
                          Preview:*...#................version.1..namespace-..&f.................&f...............
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):415
                          Entropy (8bit):5.180672949708988
                          Encrypted:false
                          SSDEEP:
                          MD5:41CAF428FC603BA8473AECF9A1E1106D
                          SHA1:60C517D0484CC6D3811217B7694C88C9EF3B28B1
                          SHA-256:155DEC5177F11A0C1760E80220A01EE6364CBE12897C168C3A7B9281DD8EF5EB
                          SHA-512:2F2362E116F8FDA4802D219FCAD6D2ECC08970CFAF4563AEA3523CCE6C647AF50B4DB362E163141D54CFE0660B252AB409FED896BEB6C8D6D1EC5EA7E79AD7E9
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:39.416 e40 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/09/30-09:44:39.418 e40 Recovering log #3.2024/09/30-09:44:39.421 e40 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):321
                          Entropy (8bit):5.167901859606968
                          Encrypted:false
                          SSDEEP:
                          MD5:93676F705D2D0DE18C01F98699C93252
                          SHA1:A562932461F6AA03D999598F63EEA6832A6E46D9
                          SHA-256:5DB8204328C8DA91AAC10007FD061CFADB26EDD7EE8427A4B0323D57E21C6AA7
                          SHA-512:814A1E0F93FE96F5BF8D01E884EB4A2DAD03813F019D2F0A9FC69B3486B486AC189242B4F4471F67894D4D5ABDA087D7F1F5A06643DE145E5D8FA2246FEF65F7
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.520 77c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/09/30-09:44:23.522 77c Recovering log #3.2024/09/30-09:44:23.522 77c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):131072
                          Entropy (8bit):0.006692784732648164
                          Encrypted:false
                          SSDEEP:
                          MD5:0B7841A9B805F1140B442EF5C6EF173A
                          SHA1:5BF3DF8CA5EAC43D65DFF013BE9ACFC74DAA8C97
                          SHA-256:98EAFCDFE96AD6F8B6163BA81EFB96E16D1038D20340D73D1B41A12CD97D2386
                          SHA-512:2A24A74A7F0EEE58AD16B2997EB8704AA962485638C729F08D9CD0EBCF8370C6A00E3966E7537D621712745F5D0FB052431C93F83625BDD422A7CAF76E0558DF
                          Malicious:false
                          Reputation:unknown
                          Preview:VLnk.....?.......v|..lON................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                          Category:dropped
                          Size (bytes):196608
                          Entropy (8bit):1.2656582410845616
                          Encrypted:false
                          SSDEEP:
                          MD5:E1393F8A29C7BD2489832071E5972DD0
                          SHA1:59018D13F316475888D126F2C0F00309F5B0B966
                          SHA-256:5ED56CDF133CDE6B1746C89471EB46FAE2A4B64C6A0B54BCBAB024FA8BA19565
                          SHA-512:06E47EA5ADEE1ABCC7FF4CF1D3C60A006C68D09E03F8B13C23A26CCE96D926AD994C734109C4015D4C37D528DA5B08997B74B0C6AC9A22863BD30B4ACF25022C
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                          Category:dropped
                          Size (bytes):40960
                          Entropy (8bit):0.5188900353987931
                          Encrypted:false
                          SSDEEP:
                          MD5:EC9DBA8B5DC2C19F61A9123532106F17
                          SHA1:C276B0EC011694E59E9EB05AE6A9A6FEAA1F5C01
                          SHA-256:2121C585DC2B120C00F2F2A0B6D7D9F2F7EB9C70B61A7088CCA002E3F3A9CDCE
                          SHA-512:BE0688E6AE38AFD53060E07D826B85B3876336C7DCE9FA0B5CBFC2AD1C9E36FBA3DCAF6B55C44431E17A2EF2E5B786728763CC9DBAF068238E975D1C516D1672
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager-journal
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):12824
                          Entropy (8bit):0.24027993626212096
                          Encrypted:false
                          SSDEEP:
                          MD5:F34BD11C56B6E01961145DE23BB8D74B
                          SHA1:35A6AD884592461819A4EEB6395E0C8724390D2E
                          SHA-256:9198EBFAFF9B979D92671A157DB2510AAE5DFC95B95FC61F8D01F7BA204E6D8B
                          SHA-512:C533BAC60B9C12B93392D3B7CCA88A151B08FDCAF308F10E82ED81A8EB8BC415EC26A668C96C89C74C4C4CCE744647C983DCF23271181813C3AF8D1198A340DA
                          Malicious:false
                          Reputation:unknown
                          Preview:............E..`........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b09c7768-ffa1-4a55-a89e-e312f471fe00.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with very long lines (17395), with no line terminators
                          Category:dropped
                          Size (bytes):17395
                          Entropy (8bit):5.4732568369034045
                          Encrypted:false
                          SSDEEP:
                          MD5:BEC519EA3B90C972202099A6C1EA8E0C
                          SHA1:DE874966EB0688B7D55C539032D7602CBADA5BFC
                          SHA-256:1627A0849C5FB72CA5F0DF7A71B351538BE4E6B2B5DF88FD9EFF321648297A98
                          SHA-512:6B82AA4047AD6BEA1D8A91942BE4124028E5FCCA4ADF293C2D9F53CEA8485126CF65079EA1B1C6CEC31864A4B5D51202C7D0464C930B44AFE7846AA0FE6922C2
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c1213638-91f4-4f6f-ba7b-86c3e7d342a6.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with very long lines (17923), with no line terminators
                          Category:dropped
                          Size (bytes):17923
                          Entropy (8bit):5.471510707195524
                          Encrypted:false
                          SSDEEP:
                          MD5:36F07C2BDC30D8098BF072FDB031E330
                          SHA1:1C64A0E4811233F5FEEE36796C977D183DA257ED
                          SHA-256:ECAEE74AA1E3D097205A70DC017A6A431DEE0D4874859489BC3CDB5C377A9D58
                          SHA-512:FD56C35CB7B103A261816441C3F366498E3EA3270AEDAA3B25AF87AAA3098DC03A9C69171ADB6E24980DB94B874F1FC03CC468981A90173438635811FE836758
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c6814b42-bc83-4a56-99e8-cdd8bebc38fd.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with very long lines (17924), with no line terminators
                          Category:dropped
                          Size (bytes):17924
                          Entropy (8bit):5.4715626721787025
                          Encrypted:false
                          SSDEEP:
                          MD5:E4A055336094ABBE7524FE7D13F7EF5D
                          SHA1:179F2530D4E9E04CFAC4454162855BCE421BE03B
                          SHA-256:045AC1A5227133C24D82D715D8214AAAC7B2C7897C1F82EE621D8B369F355119
                          SHA-512:D3335E96BDB5D0BC1B906D9BC1232724A6A79F4FF540BA1EA482172C62888C568941D4301DDBB032DB207565B0C7E47AC45FE62E060550D7583BE3B3019388F9
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                          Category:dropped
                          Size (bytes):28672
                          Entropy (8bit):0.3410017321959524
                          Encrypted:false
                          SSDEEP:
                          MD5:98643AF1CA5C0FE03CE8C687189CE56B
                          SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                          SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                          SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f36d2759-0200-4d16-8358-597ba9240534.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with very long lines (16591), with no line terminators
                          Category:dropped
                          Size (bytes):16591
                          Entropy (8bit):5.4358951791869
                          Encrypted:false
                          SSDEEP:
                          MD5:D11BD9F6AECCC75827BFDD6352FD62FD
                          SHA1:F6FBB0301C67E6733604CE1EE9D3B9309A541D34
                          SHA-256:EA896F149F426EF2DC23EFE423681E1CFBC4EBE185BB2400783247A98CC79DB1
                          SHA-512:C06024439F085E0C7D3053CDE27602ABA52AA97CB0370F2FC97DFF73212F503B6C1481E551B42F37343E5917A4F16A140BB4A406EC408E12DBD59B7BB3C544A5
                          Malicious:false
                          Reputation:unknown
                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13372177463882414","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13341058280410352","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b6496
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f9929ecc-ff17-4e94-8164-8878d5fe66f7.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                          Category:dropped
                          Size (bytes):115717
                          Entropy (8bit):5.183660917461099
                          Encrypted:false
                          SSDEEP:
                          MD5:3D8183370B5E2A9D11D43EBEF474B305
                          SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                          SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                          SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "current_locale": "en-GB",..   "hub_apps": [ {..      "auto_show": {..         "enabled": true,..         "fre_notification": {..            "enabled": true,..            "header": "Was opening this pane helpful to you?",..            "show_count": 2,..            "text": "Was opening this pane helpful to you?"..         },..         "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",..         "settings_title": "Automatically open Bing Chat in the sidebar",..         "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {..            "show_count_basis": "signal",..            "signal_name": "IsMsnArticleAutoOpenFromP1P2",..            "signal_threshold": 0.5..         } ],..         "triggering_configs|flight:msUndersidePersistentChat": [ {..            "signal_name": "IsUndersidePersistentChatLink",..            "signal_threshold": 0.5..         } ],..         "triggering_co
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):32768
                          Entropy (8bit):0.48899942492316245
                          Encrypted:false
                          SSDEEP:
                          MD5:C1117ECD54C132C36E26472274709AA7
                          SHA1:00D2F4A12D44F53A6BEB6D2E7CF7B7E9E9718AAE
                          SHA-256:F71E99ABB6B33D68D8ED9AD91DC505ACECAA74A294596181AA34B33A571F8CC5
                          SHA-512:8D1B6A0ED22CBA8F05EDA3DA1F32CC18C6F0C90ADFD8FB8F29E1FFA79A4DCC0E9C1DFBE6987527F54D755B49DF2F9EEEF561BCCB08000848560B536D6196A785
                          Malicious:false
                          Reputation:unknown
                          Preview:..-.....u.....................]^..>l_..`RSH\. J..-.....u.....................]^..>l_..`RSH\. J........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite Write-Ahead Log, version 3007000
                          Category:dropped
                          Size (bytes):2080632
                          Entropy (8bit):3.5136386066429663
                          Encrypted:false
                          SSDEEP:
                          MD5:DF86A8CEF7664F98E8CEB077CD765651
                          SHA1:B4F718E8E1BD8FD73072B0D3D83281FA7438FC52
                          SHA-256:3D6720C058F1D70DF2C53FE4579153159855383D487F235EE893489CA33F65AB
                          SHA-512:18A7BA2014D488708E05681FF8944145589BCEB850C8C81AF494D6D4E2E96EC63CB41EE37AD11661A27C6550B52F315822241DE72D6FE3D639B609D5D4348AF0
                          Malicious:false
                          Reputation:unknown
                          Preview:7....-..........^..>l_.....q..$.........^..>l_..X....9I4SQLite format 3......@  ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:modified
                          Size (bytes):646
                          Entropy (8bit):3.904387454906986
                          Encrypted:false
                          SSDEEP:
                          MD5:98B612449A3E36D0F5F2121F1DF7B7AA
                          SHA1:B39F5599F4EF02D355C4DE92AA4E403429B43991
                          SHA-256:C25A2663ABC0CF2851FB98BE279A71CD965CDD7753406DA7ECDAA611A3FEBE18
                          SHA-512:94D639E28CCFD5B09433083EB59219BE5C939746E55AD239145C77BE32AEBBA90ABC394740BC1032321747C07A8856FEE98AAC65BB1BFA656D9EAFCCB444DB04
                          Malicious:false
                          Reputation:unknown
                          Preview:A..r.................20_1_1...1.,U.................20_1_1...1?.Q;0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=................8.|;...............#38_h.......6.Z..W.F......<;......<;..............;...............#38_h.......6.Z..W.F......<G......<G.........2B.l...............0.:y0................39_config..........6.....n ...1
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):320
                          Entropy (8bit):5.155797842324042
                          Encrypted:false
                          SSDEEP:
                          MD5:678BCE8101FBF6EEE951458D7BBFB11D
                          SHA1:6392EAF98CBB4F3B3596D8B5144A9BED89DC08AA
                          SHA-256:D6CE880B3BA7BC78CC0E89F3202FAD86F43AA1BC871363953621746151A4E994
                          SHA-512:F6CF6B241FB38E94898E699E029D243F4CD0024B78CC72BF2A3002636052C298218018B28C144AD87CE178C86201FD3BBD9BEEB7FE2A61C2C91E56959DF19C11
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.889 1010 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/09/30-09:44:23.890 1010 Recovering log #3.2024/09/30-09:44:23.890 1010 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):816
                          Entropy (8bit):4.0647916882227655
                          Encrypted:false
                          SSDEEP:
                          MD5:3BE72D8D40752B3A97028FDB2931FABA
                          SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                          SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                          SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                          Malicious:false
                          Reputation:unknown
                          Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text
                          Category:dropped
                          Size (bytes):338
                          Entropy (8bit):5.158971479621609
                          Encrypted:false
                          SSDEEP:
                          MD5:20903B3390FD88F2EBF1C13B8373102D
                          SHA1:E4D019EBE2FC3EEA7F50FB968641189645FB09AF
                          SHA-256:6008C73D7226F0A14E75AF13A35C04910BAC96FBC9B658867067D93AA0C7478C
                          SHA-512:40831F13FA29C9C03CFB6937A648D7B28DEDE0FC5E368C1FD7722D0241E4AED6F258122F65ACD61D24B1370F4B976A7EB68639A033D4271A68EC51A43B51FD31
                          Malicious:false
                          Reputation:unknown
                          Preview:2024/09/30-09:44:23.881 1010 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/09/30-09:44:23.881 1010 Recovering log #3.2024/09/30-09:44:23.882 1010 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):120
                          Entropy (8bit):3.32524464792714
                          Encrypted:false
                          SSDEEP:
                          MD5:A397E5983D4A1619E36143B4D804B870
                          SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                          SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                          SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                          Malicious:false
                          Reputation:unknown
                          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):13
                          Entropy (8bit):2.7192945256669794
                          Encrypted:false
                          SSDEEP:
                          MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                          SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                          SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                          SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                          Malicious:false
                          Reputation:unknown
                          Preview:117.0.2045.47
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2a29f.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2c9af.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f802.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35ef9.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3b3c1.TMP (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:DACE1F198DF588106B5B06067AC7D9B9
                          SHA1:EDA43AB6442BFA5424047C62DDF35827A68AF3E1
                          SHA-256:2D111F2C1D9B13BC2D964F4FAE5F4C422C6986CD26D9BB90E701DA162AB8BF74
                          SHA-512:6E466546EB8BB3EB9827E9EDF2C86E7A5B0D23113653D1FCE7169D3C92399B2945BB86D330DA542C74AFB0D16AF2E6F2AD74D468183FA67EA0DDB5758BA432DE
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 8
                          Category:dropped
                          Size (bytes):20480
                          Entropy (8bit):0.6776558889663267
                          Encrypted:false
                          SSDEEP:
                          MD5:D8827DFCAFAEFFCC68F2C8C5581BECCA
                          SHA1:AB8AFE220039BB64DAFD39CD1F013162D33A7467
                          SHA-256:DB95E81B88A859341D32D822BBD1B535710095127C51A740EBD60157944B3DBE
                          SHA-512:F3D1A4C48C9C979E2FB9F5B62F367C86FF57AE2340B9FDB206D776897595DBA2D015E218C4703E8D1D63A8E3E793F15D60F89322821ED3CE61B2A724B166D2B2
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store (copy)
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):0
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:54D47BD74D8473BED32127203882E022
                          SHA1:A0EC2DA0CD0A1DBDF366BFE9FBD5F09619E17D51
                          SHA-256:F3A6C481E44F440D8466B33991CE42B8C5142CDF98342A520099186B65227EAA
                          SHA-512:07BE2FEDD47FA31238035150DC3EEDA501B007ADA1A91F75764FFFF4270D117BF2A0A0809AF4890A45C3F5A8E640D3D3F1D88EE1BA84A93B8D23D7F8CE362F3C
                          Malicious:false
                          Reputation:unknown
                          Preview:.........| .*.|....|. ...|aaaaagfgdnjcdkncmfkfinnjaiapdblgaaaaaogokkamlflcoccdihncmbgcmflnaaaaaoipnhppjgickhnmdbgfbicakiamaaaaapdcjfaomkafnbpoclmfakjianjdaaaaapiecopgelmleoolpjapkgpglkcbaaaabcdhikdcpainmmjceakmkacogdkoaaaabdgnnajpalbdkkdnknbbbmndbilaaaaabfkbnfjnjldicllofdmjchdancccaaaabgphkbebbdbcibgbppdidkelfoigaaaabibhgjnbdelbcijfciclijhdkgohaaaabmldebjdieoplgdecloipkabiibcaaaaboojhahjgdjeknnemneiajjhhddiaaaabpccljmmhilhhndnjkobdedbpkjpaaaacmnkhlfjgehagffhnhdjfankefglaaaacnnimempmlomnnhdkimkfahjplfpaaaadbhonifkcheeddllhmpapnhcpgiaaaaadbkccgigjdmfmdhgikcckicldhjbaaaadbolalgmogecpogmlebfkpigmpdjaaaaehbfjkafkfgppkjageehakfakfbmaaaaehbppmedegafehiimempeifadcinaaaageoepbmnopkkfeadndbijdghellgaaaagfdmgcibcnlmgiipapnfocaocfneaaaagjojmcedjoignaljgmnihajfhhlpaaaaglldojfgdeaijnfefaggkfjekomeaaaaiihjniipljfegaknmbkneamnoajdaaaainjigbjlofcjekbnjnpiegecbnbaaaaaiognmpgbjoffachmpnnppfnokcbeaaaajcpbcbckoiafnblkdhnldokclbhiaaaajfoihhopfmnlhlnlhogjonmllocoaaaajhoimomebpcfopjpgkbbjdnldoihaaaakdafje
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store_new
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):2033457
                          Entropy (8bit):4.001523577469734
                          Encrypted:false
                          SSDEEP:
                          MD5:54D47BD74D8473BED32127203882E022
                          SHA1:A0EC2DA0CD0A1DBDF366BFE9FBD5F09619E17D51
                          SHA-256:F3A6C481E44F440D8466B33991CE42B8C5142CDF98342A520099186B65227EAA
                          SHA-512:07BE2FEDD47FA31238035150DC3EEDA501B007ADA1A91F75764FFFF4270D117BF2A0A0809AF4890A45C3F5A8E640D3D3F1D88EE1BA84A93B8D23D7F8CE362F3C
                          Malicious:false
                          Reputation:unknown
                          Preview:.........| .*.|....|. ...|aaaaagfgdnjcdkncmfkfinnjaiapdblgaaaaaogokkamlflcoccdihncmbgcmflnaaaaaoipnhppjgickhnmdbgfbicakiamaaaaapdcjfaomkafnbpoclmfakjianjdaaaaapiecopgelmleoolpjapkgpglkcbaaaabcdhikdcpainmmjceakmkacogdkoaaaabdgnnajpalbdkkdnknbbbmndbilaaaaabfkbnfjnjldicllofdmjchdancccaaaabgphkbebbdbcibgbppdidkelfoigaaaabibhgjnbdelbcijfciclijhdkgohaaaabmldebjdieoplgdecloipkabiibcaaaaboojhahjgdjeknnemneiajjhhddiaaaabpccljmmhilhhndnjkobdedbpkjpaaaacmnkhlfjgehagffhnhdjfankefglaaaacnnimempmlomnnhdkimkfahjplfpaaaadbhonifkcheeddllhmpapnhcpgiaaaaadbkccgigjdmfmdhgikcckicldhjbaaaadbolalgmogecpogmlebfkpigmpdjaaaaehbfjkafkfgppkjageehakfakfbmaaaaehbppmedegafehiimempeifadcinaaaageoepbmnopkkfeadndbijdghellgaaaagfdmgcibcnlmgiipapnfocaocfneaaaagjojmcedjoignaljgmnihajfhhlpaaaaglldojfgdeaijnfefaggkfjekomeaaaaiihjniipljfegaknmbkneamnoajdaaaainjigbjlofcjekbnjnpiegecbnbaaaaaiognmpgbjoffachmpnnppfnokcbeaaaajcpbcbckoiafnblkdhnldokclbhiaaaajfoihhopfmnlhlnlhogjonmllocoaaaajhoimomebpcfopjpgkbbjdnldoihaaaakdafje
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):47
                          Entropy (8bit):4.3818353308528755
                          Encrypted:false
                          SSDEEP:
                          MD5:48324111147DECC23AC222A361873FC5
                          SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                          SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                          SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                          Malicious:false
                          Reputation:unknown
                          Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):35
                          Entropy (8bit):4.014438730983427
                          Encrypted:false
                          SSDEEP:
                          MD5:BB57A76019EADEDC27F04EB2FB1F1841
                          SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                          SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                          SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                          Malicious:false
                          Reputation:unknown
                          Preview:{"forceServiceDetermination":false}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):81
                          Entropy (8bit):4.3439888556902035
                          Encrypted:false
                          SSDEEP:
                          MD5:177F4D75F4FEE84EF08C507C3476C0D2
                          SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                          SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                          SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                          Malicious:false
                          Reputation:unknown
                          Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):130439
                          Entropy (8bit):3.80180718117079
                          Encrypted:false
                          SSDEEP:
                          MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                          SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                          SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                          SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                          Malicious:false
                          Reputation:unknown
                          Preview:{..  "geoidMaps": {..    "au": "https://australia.smartscreen.microsoft.com/",..    "ch": "https://switzerland.smartscreen.microsoft.com/",..    "eu": "https://europe.smartscreen.microsoft.com/",..    "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",..    "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",..    "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",..    "in": "https://india.smartscreen.microsoft.com/",..    "test": "https://eu-9.smartscreen.microsoft.com/",..    "uk": "https://unitedkingdom.smartscreen.microsoft.com/",..    "us": "https://unitedstates.smartscreen.microsoft.com/",..    "gw_au": "https://australia.smartscreen.microsoft.com/",..    "gw_ch": "https://switzerland.smartscreen.microsoft.com/",..    "gw_eu": "https://europe.smartscreen.microsoft.com/",..    "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",..    "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",..    "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",..    "gw_in": "https
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):40
                          Entropy (8bit):4.346439344671015
                          Encrypted:false
                          SSDEEP:
                          MD5:6A3A60A3F78299444AACAA89710A64B6
                          SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                          SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                          SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                          Malicious:false
                          Reputation:unknown
                          Preview:synchronousLookupUris_638343870221005468
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):57
                          Entropy (8bit):4.556488479039065
                          Encrypted:false
                          SSDEEP:
                          MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                          SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                          SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                          SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                          Malicious:false
                          Reputation:unknown
                          Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):29
                          Entropy (8bit):4.030394788231021
                          Encrypted:false
                          SSDEEP:
                          MD5:52E2839549E67CE774547C9F07740500
                          SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                          SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                          SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                          Malicious:false
                          Reputation:unknown
                          Preview:topTraffic_638004170464094982
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):575056
                          Entropy (8bit):7.999649474060713
                          Encrypted:true
                          SSDEEP:
                          MD5:BE5D1A12C1644421F877787F8E76642D
                          SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                          SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                          SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                          Malicious:false
                          Reputation:unknown
                          Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:raw G3 (Group 3) FAX, byte-padded
                          Category:dropped
                          Size (bytes):460992
                          Entropy (8bit):7.999625908035124
                          Encrypted:true
                          SSDEEP:
                          MD5:E9C502DB957CDB977E7F5745B34C32E6
                          SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                          SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                          SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                          Malicious:false
                          Reputation:unknown
                          Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:ASCII text, with no line terminators
                          Category:dropped
                          Size (bytes):9
                          Entropy (8bit):3.169925001442312
                          Encrypted:false
                          SSDEEP:
                          MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                          SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                          SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                          SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                          Malicious:false
                          Reputation:unknown
                          Preview:uriCache_
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):180
                          Entropy (8bit):4.987146338426163
                          Encrypted:false
                          SSDEEP:
                          MD5:750E0E1405C2307B5544FCD9BC509294
                          SHA1:EDF2E34039782AC8EACD1FECFEEAF00A2E3784A9
                          SHA-256:24C2CC1627ADB78BA38A6AE2A1D6C39BC38FB024998AF80A46832895489794B7
                          SHA-512:BDB812477EF5F982DC96ABCBADA543DBDBF791C7A65AEECDB9E1A86530952063980D713313141EB74AFFE7CADD08E946EB04EF1836B794D608D50E19217A10E9
                          Malicious:false
                          Reputation:unknown
                          Preview:{"version":1,"cache_data":[{"file_hash":"02cb9f3b001da104","server_context":"1;c5faad59-a2e3-31f2-b86e-aaf958e12824;phsh:005;7e-05","result":0,"expiration_time":1727804687583336}]}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):86
                          Entropy (8bit):4.3751917412896075
                          Encrypted:false
                          SSDEEP:
                          MD5:E9E365607374115B92E4ABE4B9628101
                          SHA1:D5054EA9B22317DCA83801EB3586017BFCC0E2A8
                          SHA-256:5CD2C4D9F13524923046198C92213691539407E04FA520CDAE9EADE1BAD3D91D
                          SHA-512:A84D65ED53E43883E5ECB7848FBD48F5305A63E6975E6AF480CF85532879720061106BE54F2A5888EBC3569F7123081A0E6EB48CCB8D7DBA3E1DA1C8A3C50401
                          Malicious:false
                          Reputation:unknown
                          Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":3}
                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ebb860c0-82fb-4047-98cc-e5f4a4758717.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):58097
                          Entropy (8bit):6.105805806815081
                          Encrypted:false
                          SSDEEP:
                          MD5:749A19E8CAFAC6975EE0DB84F084CED8
                          SHA1:137207E7FDDA3BEDB9AF79AFA5C474FC741E5462
                          SHA-256:11531C6653BE24EDAFE3A30098EFDB5E6A96319B5E95DD3C6CC4206489AC3984
                          SHA-512:1A6259B24FA9C768DDAC467873F7B7CCF28DBCCDFBAE46D301CE2A933849962545A3C1DBFBFCCE515BDC45B744184EFDC7B2BFCF6886E1E36CD0D83418E61503
                          Malicious:false
                          Reputation:unknown
                          Preview:{"abusive_adblocker_etag":"\"8ABCE35666CBACA121128B98C75E78308AAC1CE803625FAFB4A7AFA722C77CA4\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0
                          C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):231348
                          Entropy (8bit):4.393106325559909
                          Encrypted:false
                          SSDEEP:
                          MD5:C0EB3104CAFF505257F5D4D810F51BB1
                          SHA1:F93D3C8DEA7E5A2B96CBA9749BEF892F8C200EFD
                          SHA-256:EB94E163B18E260BAD34780389B7239560449D811CE97E4B7A4FB7DF477D6338
                          SHA-512:F930F08BCD9E795F7B2C22E8E958F442510ACA527CA56465EA93C1B5EAAB3CF2957A975BD2BFB6B44DC4A9BE8E767D30C8CE6CFEF6EB5E4614AF3E1B678DF58E
                          Malicious:false
                          Reputation:unknown
                          Preview:TH02...... .....>.......SM01X...,......>...........IPM.Activity...........h...............h............H..h<.............h............H..h\cal ...pDat...h.E..0..........h2.............h........_`Qk...h...@...I.lw...h....H...8.Vk...0....T...............d.........2h...............k..6...........!h.............. h..^..........#h....8.........$h........8....."h0.............'h..............1h2..<.........0h....4....Vk../h....h.....VkH..h....p...<.....-h ............+h.......0................... ..............F7..............FIPM.Activity....Form....Standard....Journal Entry...IPM.Microsoft.FolderDesign.FormsDescription................F.k..........1122110020000000....Microsoft...This form is used to create journal entries.........kf......  ..........&...........(.......(... ...@.....................................................................................................................fffffffff........wwwwwwww.p....pp..............p...............pw..............pw..DDDDO..
                          C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\4903AFC1-3D2E-489B-89C7-0B888B575C89
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                          Category:dropped
                          Size (bytes):177088
                          Entropy (8bit):5.286749414906291
                          Encrypted:false
                          SSDEEP:
                          MD5:1079E4B7E904BCB3A3988587E9537376
                          SHA1:6D110D02CBBDF9A833E382C95E2E1713A0AD6417
                          SHA-256:93D12B3070DD7EA92D331D07CFBD8D12D53D8D978EBA0D18330AEB7AE6384F1F
                          SHA-512:BB1C50E5692E2CCF2F7F77C95441DF3AF0437D54FCFC31269118F7C59CD6A77A2680712F2B9BDEAC2DA7DA3225672BD182B7B4A5EF4B9676F9D85569924B634A
                          Malicious:false
                          Reputation:unknown
                          Preview:<?xml version="1.0" encoding="utf-8"?>..<o:OfficeConfig xmlns:o="urn:schemas-microsoft-com:office:office">..  <o:services o:GenerationTime="2024-09-30T13:43:36">..      Build: 16.0.18112.40129-->..    <o:default>..      <o:ticket o:headerName="Authorization" o:headerValue="{}" />..    </o:default>..    <o:service o:name="Research">..      <o:url>https://word-edit.officeapps.live.com/we/rrdiscovery.ashx</o:url>..    </o:service>..    <o:service o:name="ORedir">..      <o:url>https://o15.officeredir.microsoft.com/r</o:url>..    </o:service>..    <o:service o:name="ORedirSSL">..      <o:url>https://o15.officeredir.microsoft.com/r</o:url>..    </o:service>..    <o:service o:name="ClViewClientHelpId" o:authentication="1">..      <o:url>https://[MAX.BaseHost]/client/results</o:url>..      <o:ticket o:policy="MBI_SSL_SHORT" o:idprovider="1" o:target="[MAX.AuthHost]" o:headerValue="Passport1.4 from-PP='{}&amp;p='" />..      <o:ticket o:idprovider="3" o:headerValue="Bearer {}" o:resourceId="[
                          C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:SQLite 3.x database, last written using SQLite version 3034001, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
                          Category:dropped
                          Size (bytes):4096
                          Entropy (8bit):0.09304735440217722
                          Encrypted:false
                          SSDEEP:
                          MD5:D0DE7DB24F7B0C0FE636B34E253F1562
                          SHA1:6EF2957FDEDDC3EB84974F136C22E39553287B80
                          SHA-256:B6DC74E4A39FFA38ED8C93D58AADEB7E7A0674DAC1152AF413E9DA7313ADE6ED
                          SHA-512:42D00510CD9771CE63D44991EA10C10C8FBCF69DF08819D60B7F8E7B0F9B1D385AE26912C847A024D1D127EC098904784147218869AE8D2050BCE9B306DB2DDE
                          Malicious:false
                          Reputation:unknown
                          Preview:SQLite format 3......@  ..........................................................................K.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:SQLite Rollback Journal
                          Category:dropped
                          Size (bytes):4616
                          Entropy (8bit):0.13681650948595175
                          Encrypted:false
                          SSDEEP:
                          MD5:678AEED36533BAD68A84EA6AA172BEED
                          SHA1:85F1D09513F4FF33371E6D301EC2987A94D22DE6
                          SHA-256:D4C0DF3544E4AB2BB7C9A10267D1161A25EE0D7E731063F6E5F8D8B7FEE5241B
                          SHA-512:7C5847D3D4C5929270C20ED7B82C839D2AD86AC89C18D345161617AB73359EA66D9B741A515B2753EABDB059A9D345A724A44F8A0E497B5C5675B4055FEE2A5F
                          Malicious:false
                          Reputation:unknown
                          Preview:.... .c.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@  ..........................................................................K.................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):32768
                          Entropy (8bit):0.04482848510499482
                          Encrypted:false
                          SSDEEP:
                          MD5:A3BA2777D6D1B3AE86EFC54996C59C62
                          SHA1:F92B135D0F579A882BAA91234B14E6FC9377F850
                          SHA-256:F089BF73A1D48088418CCCE7A0F5956459D3921BBDCC303BDBC5D1471835C1D7
                          SHA-512:CD3CFFC89A1060EF81D72E9A8C30A896525E1854BC2EA7495E234A48F8CBBA54FC170010237EB37FC7C3C28B8C2B0E93D780F1FA499566512A5C40C11CB4EE45
                          Malicious:false
                          Reputation:unknown
                          Preview:..-......................m.l.=......#X0~3.rR.C...-......................m.l.=......#X0~3.rR.C.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:SQLite Write-Ahead Log, version 3007000
                          Category:dropped
                          Size (bytes):45352
                          Entropy (8bit):0.39507592512849515
                          Encrypted:false
                          SSDEEP:
                          MD5:015A283FC11013CEB875ED238A4DCDB2
                          SHA1:4EE7A7003D91951816726403C0FFED3BA10D8D16
                          SHA-256:89DC485FC65B50872B150D0AF6E44D48593D5A1B95B2FE666A6536F832831CD2
                          SHA-512:FE5E983E34DC56EC1199D511C30C653D4381B18F0606379C552D59379881E780568B668EA588BCC9B9C80D7D317C4788142C6581EE312F159CF39F51465F88B2
                          Malicious:false
                          Reputation:unknown
                          Preview:7....-..............#X0~.....(x............#X0~k.3.....SQLite format 3......@  ..........................................................................K.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):2278
                          Entropy (8bit):3.847031043893879
                          Encrypted:false
                          SSDEEP:
                          MD5:D997F2BDBCE6DC565D572359844024EA
                          SHA1:30A658DAE32BE72D8BFDCF85F25289E0B482E90C
                          SHA-256:646FAE882A60A0423926F7D6A3DE95F8E9BAC14140FEB08D61EF1F29059F11E9
                          SHA-512:442A01993B5A9CD9F4EFC3BA7E89DAFA2589EA3DA2D03330CF05AC7BDBBB0A7DC61589CA211B22F4D1DC2EFF291D5A18FA00316A0F173022CCD205D8D39CF6C6
                          Malicious:false
                          Reputation:unknown
                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.F.T.r.P.U.c.T.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.H.Y.3.A.i.V.
                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:data
                          Category:dropped
                          Size (bytes):4622
                          Entropy (8bit):4.002274703413799
                          Encrypted:false
                          SSDEEP:
                          MD5:FCB0C35D7BE7469A207B795000700D51
                          SHA1:1C088E99F3F02351AF5FD447D254B5CDC099ADF6
                          SHA-256:E0B0E2CABC3D8401F7BECF29C62772C851FF5383E34A8A12A2B922C4D37C88FE
                          SHA-512:CF7AB131E3DA0D693FB27B8A811C63748F12CB52C9B269E08863203074E0A3FAB349AF596D91EDC036D0C143890D13448DCC519462337EFFB30A0A541896ACBA
                          Malicious:false
                          Reputation:unknown
                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".r.K.J.C.J.D.8.T.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.H.Y.3.A.i.V.
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\0YSE14NI\email.mht
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:MIME entity, Unicode text, UTF-8 text, with CRLF line terminators
                          Category:modified
                          Size (bytes):6201
                          Entropy (8bit):5.42493722679463
                          Encrypted:false
                          SSDEEP:
                          MD5:B6F6B557FBF09C10E87740BAE950D71D
                          SHA1:3C657E1DF3D844A301625718572B7AAC44202B22
                          SHA-256:0B596677BC09806EBA88A82E7BC6622DD83B3FF3835A60018639CBA9A692E75D
                          SHA-512:5B8E65230FC2D84098F3EFF638BC83F8B8EE3C8257E47ABC2D2052881AEB9B390CA73F65F3493976081B8D918B81F5FE2CAD9C3459B8C8AAFFFF0B66D6872384
                          Malicious:false
                          Reputation:unknown
                          Preview:MIME-Version: 1.0..Content-Type: multipart/alternative;...boundary="----=_NextPart_000_0000_01DB131D.543A7C60"....This is a multipart message in MIME format.....------=_NextPart_000_0000_01DB131D.543A7C60..Content-Type: text/plain;...charset="utf-8"..Content-Transfer-Encoding: 8bit..... ....  <https://pbs.twimg.com/profile_images/1646948800278175773/cl7hvpgZ_400x400.jpg> ... . ......Bonjour Madame, Monsieur,....Un nouveau document est d.sormais disponible.....Connectez-vous . votre espace personnel . distance pour consulter le nouveau document. Sur notre site ou notre application mobile, Vous avez l'opportunit. de consulter les Documents. .. ....Acc.der . mon espace <https://alismus.com/fr>  . ....Pour toute information, utilisez la rubrique . Questions ? . en bas de la page d.accueil du site ou, si besoin, la messagerie s.curis.e depuis votre espace particulier.....Cordialement,....L..quipe Gouvernement......------=_NextPart_000_0000_01DB131D.543A7C60..Content-Type: t
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{388F7059-3CE6-4ED0-BACC-642A2D6DA2B3}.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):3120
                          Entropy (8bit):3.7619585999131218
                          Encrypted:false
                          SSDEEP:
                          MD5:54E8CE7F34A75C1B92C6F8EEC00E1B37
                          SHA1:E82BBFBF80BDAFC1AEB738762BC0698AD4959BE0
                          SHA-256:A85C13C469BF1CC50972F1067311522586260C86702A988CF65E1F9F4C86B480
                          SHA-512:6C203506ACC6EB3C303364FFE4D26021FFAD7A479FD26051D785D29D7D7D5CF2E1DE38A796583B75BC9731B2140D1416353B592D7911D02EFFA66B5851646CBE
                          Malicious:false
                          Reputation:unknown
                          Preview:...... ...I.N.C.L.U.D.E.P.I.C.T.U.R.E. . .\.d. .".h.t.t.p.s.:././.p.b.s...t.w.i.m.g...c.o.m./.p.r.o.f.i.l.e._.i.m.a.g.e.s./.1.6.4.6.9.4.8.8.0.0.2.7.8.1.7.5.7.7.3./.c.l.7.h.v.p.g.Z._.4.0.0.x.4.0.0...j.p.g.". .\.x. .\.y. .\.*. .M.E.R.G.E.F.O.R.M.A.T.I.N.E.T... . ...........................................................................................................................................................................................................................................................................z...|.........................................................................................................................................................................................................................................................................................................................................$..$.If....:V.......t.....6......4........4........a.........$.a$.*...$..$.If........!v..h.#v....:V.......t.....6......5.......4........4.
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\AN5UOLP8\cl7hvpgZ_400x400[1].jpg
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3
                          Category:modified
                          Size (bytes):13991
                          Entropy (8bit):7.782402600763486
                          Encrypted:false
                          SSDEEP:
                          MD5:6448D3EBD5C34AD0ABB89F288511FCF3
                          SHA1:6AB1CB1321B8EBE2D5D2E683327C322BA97A7C5E
                          SHA-256:A558CAF3AF16F1262F5E5EF727B7EE1E6D10EB8B0336E754CF45ABA296E12A0A
                          SHA-512:CFBA133CF738B6D937C8F9C414DD7EF28571C09649024DE183E6264166705EE1AFBF4109D918FA83D8634404C8B3A677A3C3331A9CE4DB0D9729183C60186A26
                          Malicious:false
                          Reputation:unknown
                          Preview:......JFIF..............ICC_PROFILE.......lcms.0..mntrRGB XYZ ............acspAPPL...................................-lcms................................................desc.......8cprt...@...Nwtpt........chad.......,rXYZ........bXYZ........gXYZ........rTRC....... gTRC...,... bTRC...L... chrm...l...$mluc............enUS.........s.R.G.B. .b.u.i.l.t.-.i.n..mluc............enUS...2.....N.o. .c.o.p.y.r.i.g.h.t.,. .u.s.e. .f.r.e.e.l.y....XYZ ...............-sf32.......J.......*........................XYZ ......o...8.....XYZ ......$.........XYZ ......b.........para..........ff......Y.......[para..........ff......Y.......[para..........ff......Y.......[chrm..............T{..L.......&f...\...C..............................................!........."$".$.......C............................................................................"..................................................................................u.......,.+...]....x.....J.c...lu...1\}.0.G.0.....EG.x.............N\...
                          C:\Users\user\AppData\Local\Temp\2fd58db3-9e8c-4942-aa4b-e706d6bcc058.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:PNG image data, 301 x 310, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):4627621
                          Entropy (8bit):7.9941484585806135
                          Encrypted:true
                          SSDEEP:
                          MD5:8CEA3809FC1C2CEC9A3D905916D59DE0
                          SHA1:B270372CC34656B6A6DD5FCB9D8E3290CCF52C0A
                          SHA-256:390009C2C231E6B5AF694D16C2724978BE384EBCDDE0E00A0FB49902F41A65BE
                          SHA-512:0A55912DC9B542E9F06A4DA9A738B2B64E8A3ECCB8477D5922A14DBF89858BFED8BEC750A154D562CD8588E18DA1AE1E8FC9D7C77E0E5E62A4647FC1737603F1
                          Malicious:false
                          Reputation:unknown
                          Preview:.PNG........IHDR...-...6.....4......pHYs..!8..!8.E.1`....sRGB.........gAMA......a.....IDATx...k.f.u...u......-....U.dd.$R.d'..G.$..r.D...`.R...Re..*kf\....D.G~........Hd...d..$-..E.D......e.......}g.....Yk...`p....|.....z..^{......p\...{_w..w..3.7..}....z...k..k......]../.[...v..._..i.M..................S~q.D....W....[n...............U;.?...6.....5...m.............ou..3.W...u.....Lx....~.?..x./..X...._....y...........q.....5..^.re...X.w....k;3...f'I.].$....F ..B..(.. V..h.-/......2..=..-...Hg<.4....X.z..x...........`..z....#.........6....|4..7.@3 !qC.................!.~].da.=.7..Y.L._..(k.ES.q.`V.,.....c.1.-.G.\.c.z.....=^..].z........s..z..v..[7.o...&.`...$...R..@l.x..b...,..H.+.&u.n.!.....2.(.s.7z7'.".'.C......G..0,.e.........j..v....w.G.....w...W..{..W..W.......uz....g"N.J.f...B..:\..c>..nF.4......nd_..:.uv.r.\.3{.........X..e#..W......b.}._...5)_..].z...?~.._Y.....6a.....g..(....F'...2...._;.0..&?W....L... .N.....u.u`[.....U..d..@..#..s.N.
                          C:\Users\user\AppData\Local\Temp\7a8e0290-240b-4c1c-a89b-4ec570e6b2d9.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                          Category:dropped
                          Size (bytes):31335
                          Entropy (8bit):7.694019108205432
                          Encrypted:false
                          SSDEEP:
                          MD5:6B72597205C77D3E40E1A35BEE403801
                          SHA1:6BECEE055C6E057AF9475B6D651B4EE561D02F20
                          SHA-256:C899297FBDFC88C1634B1145A087FDB5BE17172FD786C078B299557B22F06DEB
                          SHA-512:7CB1A98E0C7FBB349D9CB681233A9F4ED22A1C3FAADCDF1BC270B04BD97D3FC41AB6F762B2F5F231281D63D96AC3D243640BA81D5E8CCD9F54486B4F538CA8B4
                          Malicious:false
                          Reputation:unknown
                          Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."...  P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......
                          C:\Users\user\AppData\Local\Temp\9e5dddc4-2ac6-44b5-92a9-38c4a0b1a390.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):30435
                          Entropy (8bit):7.973155805306584
                          Encrypted:false
                          SSDEEP:
                          MD5:3FE6D674563AFFB7EC91C3B1FE518B66
                          SHA1:5BE740D23546155192636F8D90F5350AC82AF960
                          SHA-256:65B928773F942A8299E63826B68A9EA0C2441368B2D900E4E8E8C953223C6C65
                          SHA-512:1D20972863BBF6C1056C09DB21CD6716F6F673BF438573CA359300FE2B56D02C94A386721BDE641CDF0037F4AB9DA96263B58E1C6C3F248A68F3CCBE736E468A
                          Malicious:false
                          Reputation:unknown
                          Preview:.PNG........IHDR...K...K.....8Nz.....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^.ilTU..g..e... .lJ..F.KX.V.5.....(.R.........E...h@v..,-..P...Rca......9.s.+..Tcb./...w.{...........`..Ro.A.< ...TI...g...B.J.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.)K.MY.*/8f?......-j.......'.m.x....d.R6........5e.Dp--.6..;.6rLl=....u.<D.a..9..c...?.*.>.Q...W.a....%x...]......q4...E.....-/_..rF....l,.....jz7.."N..3.C.N......C..N....Q..W.N(.-]:.[]..]{s.w.j.K.o.R.4...{w|..P....1.c]M?.wt... x..?S.........i.g?g.R0.sV1e.g.5w$g..p.hR...r...C|..>....p.(>..]3<.t..WN6.w.2c..`...l..N.......1.en...,..rn..R2..;..c...S.......A0.4.s.^w......q8...<]..j....r.u.........j.s^`...9....]....3..L-.....;......%.E..l.A.....w.1g..(D.-,...k.i,....Y.}.zDW}.9............Dm...eQ1w.c9...EMY..a.....E.....eA(..^..<....S...7>..g.....,c...i....k.k.....3-..z.95Q..U..D.A...X.j...B<.7`..cZ&.S3..&..{5..Jo....s.B^.4.Gsq.......<.<P.,....(x...z.u.H.z*.MCe.o..
                          C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1727703814714548700_C9253B80-E2DC-4CA1-92EA-B4F1800E4518.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:ASCII text, with very long lines (28730), with CRLF line terminators
                          Category:dropped
                          Size (bytes):20971520
                          Entropy (8bit):0.16167021258786232
                          Encrypted:false
                          SSDEEP:
                          MD5:4D2E8EEEB02C79021139AEEB9280C522
                          SHA1:F9D3D7147CCDAEE55E0CD0AC79334FEFC0BE5682
                          SHA-256:AF039AC9B40DF0F1AD9A19D561E96579B599AAC51447FC409BA8050C0D57DF29
                          SHA-512:60F274BA92781D40F2421D9FC9119FB08ABC3BFCF24D42D9366886E5FD3A880025634076601B57E528D333F7CEF565A4951458EB10A53B72411E1E746C705AAD
                          Malicious:false
                          Reputation:unknown
                          Preview:Timestamp.Process.TID.Area.Category.EventID.Level.Message.Correlation..09/30/2024 13:43:34.748.OUTLOOK (0x1604).0x1764.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Text.GDIAssistant.HandleCallback","Flags":30962256044949761,"InternalSequenceNumber":21,"Time":"2024-09-30T13:43:34.748Z","Contract":"Office.System.Activity","Activity.CV":"gDslydzioUyS6rTxgA5FGA.4.9","Activity.Duration":13,"Activity.Count":1,"Activity.AggMode":0,"Activity.Success":true,"Data.GdiFamilyName":"","Data.CloudFontStatus":6,"Data.CloudFontTypes":256}...09/30/2024 13:43:34.764.OUTLOOK (0x1604).0x1764.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Text.ResourceClient.Deserialize","Flags":30962256044949761,"InternalSequenceNumber":23,"Time":"2024-09-30T13:43:34.764Z","Contract":"Office.System.Activity","Activity.CV":"gDslydzioUyS6rTxgA5FGA.4.10","Activity.Duration":11437,"Activity.Count":1,"Activity.AggMode":0,"Activity.Success":true,"Data.JsonFileMajorV
                          C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1727703814715899700_C9253B80-E2DC-4CA1-92EA-B4F1800E4518.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):20971520
                          Entropy (8bit):0.0
                          Encrypted:false
                          SSDEEP:
                          MD5:8F4E33F3DC3E414FF94E5FB6905CBA8C
                          SHA1:9674344C90C2F0646F0B78026E127C9B86E3AD77
                          SHA-256:CD52D81E25F372E6FA4DB2C0DFCEB59862C1969CAB17096DA352B34950C973CC
                          SHA-512:7FB91E868F3923BBD043725818EF3A5D8D08EBF1059A18AC0FE07040D32EEBA517DA11515E6A4AFAEB29BCC5E0F1543BA2C595B0FE8E6167DDC5E6793EDEF5BB
                          Malicious:false
                          Reputation:unknown
                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20240930T0943340512-5636.etl
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:modified
                          Size (bytes):98304
                          Entropy (8bit):4.482853084808881
                          Encrypted:false
                          SSDEEP:
                          MD5:C39B227FB22FCEEC8A9CEAC328AA1E91
                          SHA1:AA74B22FF9F761D8749C7ACC570213E620FF0B4B
                          SHA-256:2FA34DB4539A1910429C2C8386550E781E00996D815A296DF892566B142EA260
                          SHA-512:7FBBCE9E811057691B0EA77BEE0675938C35274D918F100E6FC3A617E80193396BDDFBFAA1D6C6CB25C8B29CA342EC4F30B8DF98C7DA8590F10447CD2A0A19ED
                          Malicious:false
                          Reputation:unknown
                          Preview:............................................................................`...d...........>...................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1...........................................................P..Z.Y..............>...........v.2._.O.U.T.L.O.O.K.:.1.6.0.4.:.1.7.9.3.3.b.a.2.9.b.b.b.4.7.5.9.8.9.9.0.5.6.c.0.9.b.6.a.a.8.2.8...C.:.\.U.s.e.r.s.\.c.a.l.i.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.4.0.9.3.0.T.0.9.4.3.3.4.0.5.1.2.-.5.6.3.6...e.t.l.......P.P.d...........>...........................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Local\Temp\cb686cc0-2f43-4121-b200-b0243834b658.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 276634
                          Category:dropped
                          Size (bytes):176677
                          Entropy (8bit):7.998316576047385
                          Encrypted:true
                          SSDEEP:
                          MD5:8B23A010AE4A7F4EBF0E8061D95E4596
                          SHA1:CDAA6E4BD4ACC63E2542875E1D24D26726BC6DF9
                          SHA-256:392D3B41A249F4AD2A6D99277A90A120FBB80DCE79534C8492837A20A0323517
                          SHA-512:2D9828B561DC7003CA9602627A14026E2F4B7A0E34899B1294E650B5BD6D3E541E7BF289DF0B383974326EF284A317174CE0663DF48215A2AD06512040092833
                          Malicious:false
                          Reputation:unknown
                          Preview:...........ZKs.8...W.....%....r..$.=.q....9..#..<fk...@...M2...`..j.>...:9[..l..w.y.}^.<.v.g%.hQ..]._b.g)..N.3+'.(_..).68IP......I.....|...._.8...{...E...aV...,.`.z.YXx....O.%..]n.......5.J...8.6mP..$L.}...m..[!i.......P.e.).;V..(..._QmTVmQ...O..P....=.PEa5.-.T.....L.>..[..i...^.=..+H...............JW$eSs......i......}N.YB.o..su..DLp.aS....(..UqF..u~.I.p$h.n.....J...u.......Q...j_p9:.l..u.....v'4..I.,f.QZP.r.p]..[....p..V....oQ...........G.....'.DY0r...eI..)t.xieX.Xu..[R`Vu..-;..0a n....o...q.2.n......E./x.#y.3}..zu...,!O.![.[.e.QR.;............zB..._.xf.E...,.-....7...%PT.~....00.L:.;Kt.ZI.A..B.jqV..x.._.9...\>..G/..s..?..q.ZwS...}..e..q...<.I....t.-C...Z.j......<.......l...e.'T;=....AK..p.@.`Ap....|)2.'..............Q.0.X.n...!n.......w.......H..o......l..U.B...u4..........[.f&..C.a...Og0.v9..........Yq'#.<.,sc....P.....i.....R.i.p...=...e.i..,!m../..Qz..yR...L..}.d..B7m.......I..b.;bn.8~..6.[..nh.W....%RX.,...!..@XN.>+.9....<....
                          C:\Users\user\AppData\Local\Temp\cv_debug.log
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1420
                          Entropy (8bit):5.418160374728069
                          Encrypted:false
                          SSDEEP:
                          MD5:4C5F801C018F0A7D390EBBB3381C5029
                          SHA1:CA00AF8FB79CEBE882739462B5AD4C84F95AA1AF
                          SHA-256:0B27CFBA2F7973A12548B12F22950A2CC6B77B0CF79C0512AFAC9378489C9A7B
                          SHA-512:A5501438B2ED4944B88C07D97B48A051FA681866062A6704EAC981ADA338E9902621BD0D98244598C8EAD571EC3FF81C25C27557C75CC31F645DB8A41CE25C8C
                          Malicious:false
                          Reputation:unknown
                          Preview:{"logTime": "1006/090722", "correlationVector":"rmkayOhJfEabcRCB2/Bp31","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/090722", "correlationVector":"jqHPV/yTVN5KYgOfDN/5Rr","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/090722", "correlationVector":"25C1A0EE3BD244A1BB83CF2641B12F1A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093120", "correlationVector":"a/GaihlkzouX6tpAQ3civy","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093121", "correlationVector":"2831F27CA5B645488E2DF2452C16A59E","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093243", "correlationVector":"7DhT8FK3VbHYWFgub0ZtsN","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093243", "correlationVector":"83EFC8979E1A419495133BAFAFA5A23F","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1006/093745", "correlationVector":"Bxyvid0fodNJ7Wehc/BC7P","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1006/093746", "correlationVector":"B1516CBB
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_1066187975\74a7c950-615e-48aa-b8f5-c65fe99997b4.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:Google Chrome extension, version 3
                          Category:dropped
                          Size (bytes):11185
                          Entropy (8bit):7.951995436832936
                          Encrypted:false
                          SSDEEP:
                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                          Malicious:false
                          Reputation:unknown
                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_1066187975\CRX_INSTALL\_metadata\verified_contents.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1753
                          Entropy (8bit):5.8889033066924155
                          Encrypted:false
                          SSDEEP:
                          MD5:738E757B92939B24CDBBD0EFC2601315
                          SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                          SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                          SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                          Malicious:false
                          Reputation:unknown
                          Preview:[..  {..    "description": "treehash per file",..    "signed_content": {..      "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",..      "signatures": [..        {..          "header": {..            "kid": "publisher"..          },..          "protected": "eyJhbGciOiJSUzI1NiJ9",..          "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_1066187975\CRX_INSTALL\content.js
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                          Category:dropped
                          Size (bytes):9815
                          Entropy (8bit):6.1716321262973315
                          Encrypted:false
                          SSDEEP:
                          MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                          SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                          SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                          SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                          Malicious:false
                          Reputation:unknown
                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_1066187975\CRX_INSTALL\content_new.js
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                          Category:dropped
                          Size (bytes):10388
                          Entropy (8bit):6.174387413738973
                          Encrypted:false
                          SSDEEP:
                          MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                          SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                          SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                          SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                          Malicious:false
                          Reputation:unknown
                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_1066187975\CRX_INSTALL\manifest.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):962
                          Entropy (8bit):5.698567446030411
                          Encrypted:false
                          SSDEEP:
                          MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                          SHA1:2356F60884130C86A45D4B232A26062C7830E622
                          SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                          SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "content_scripts": [ {..      "js": [ "content.js" ],..      "matches": [ "https://chrome.google.com/webstore/*" ]..   }, {..      "js": [ "content_new.js" ],..      "matches": [ "https://chromewebstore.google.com/*" ]..   } ],..   "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",..   "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",..   "manifest_version": 3,..   "name": "Edge relevant text changes",..   "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",..   "version": "1.2.1"..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\128.png
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                          Category:dropped
                          Size (bytes):4982
                          Entropy (8bit):7.929761711048726
                          Encrypted:false
                          SSDEEP:
                          MD5:913064ADAAA4C4FA2A9D011B66B33183
                          SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                          SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                          SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                          Malicious:false
                          Reputation:unknown
                          Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\am\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1285
                          Entropy (8bit):4.702209356847184
                          Encrypted:false
                          SSDEEP:
                          MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                          SHA1:58979859B28513608626B563138097DC19236F1F
                          SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                          SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "... ..."..   },..   "explanationofflinedisabled": {..      "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ...."..   },..   "explanationofflineenabled": {..      "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... ....."..   },..   "extdesc": {..      "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... ....."..   },..   "extname": {..      "message": "..... .. Goog
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ar\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1244
                          Entropy (8bit):4.5533961615623735
                          Encrypted:false
                          SSDEEP:
                          MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                          SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                          SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                          SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "..... ...."..   },..   "explanationofflinedisabled": {..      "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... .........."..   },..   "explanationofflineenabled": {..      "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......"..   },..   "extdesc": {..      "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... ........."..   },..   "extname": {..      "message": "....... Google ... ......"..   },..   "learnmore": {..      "messa
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\az\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):977
                          Entropy (8bit):4.867640976960053
                          Encrypted:false
                          SSDEEP:
                          MD5:9A798FD298008074E59ECC253E2F2933
                          SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                          SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                          SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "YEN.S.N. YARADIN"..   },..   "explanationofflinedisabled": {..      "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin."..   },..   "explanationofflineenabled": {..      "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz."..   },..   "extdesc": {..      "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n."..   },..   "extname": {..      "message": "Google S.n.d Oflayn"..   },..   "learnmore": {..      "message": ".trafl. M.lumat"..   },..   "popuphelptext": {..      "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\bg\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1389
                          Entropy (8bit):4.561317517930672
                          Encrypted:false
                          SSDEEP:
                          MD5:2E6423F38E148AC5A5A041B1D5989CC0
                          SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                          SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                          SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "........."..   },..   "explanationofflinedisabled": {..      "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . ........."..   },..   "explanationofflineenabled": {..      "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... ....."..   },..   "extdesc": {..      "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. ........."..   },..  
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\bn\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1763
                          Entropy (8bit):4.25392954144533
                          Encrypted:false
                          SSDEEP:
                          MD5:651375C6AF22E2BCD228347A45E3C2C9
                          SHA1:109AC3A912326171D77869854D7300385F6E628C
                          SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                          SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".... .... ...."..   },..   "explanationofflinedisabled": {..      "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... ....."..   },..   "explanationofflineenabled": {..      "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... ......."..   },..   "extdesc":
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ca\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):930
                          Entropy (8bit):4.569672473374877
                          Encrypted:false
                          SSDEEP:
                          MD5:D177261FFE5F8AB4B3796D26835F8331
                          SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                          SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                          SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREA'N UN DE NOU"..   },..   "explanationofflinedisabled": {..      "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa."..   },..   "explanationofflineenabled": {..      "message": "Tot i que no tens connexi., pots editar o crear fitxers."..   },..   "extdesc": {..      "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet."..   },..   "extname": {..      "message": "Documents de Google sense connexi."..   },..   "learnmore": {..      "message": "M.s informaci."..   },..   "popuphelptext": {..      "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\cs\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):913
                          Entropy (8bit):4.947221919047
                          Encrypted:false
                          SSDEEP:
                          MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                          SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                          SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                          SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "VYTVO.IT"..   },..   "explanationofflinedisabled": {..      "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci."..   },..   "explanationofflineenabled": {..      "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov.."..   },..   "extdesc": {..      "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu."..   },..   "extname": {..      "message": "Dokumenty Google offline"..   },..   "learnmore": {..      "message": "Dal.. informace"..   },..   "popuphelptext": {..      "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\da\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):883
                          Entropy (8bit):4.5096240460083905
                          Encrypted:false
                          SSDEEP:
                          MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                          SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                          SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                          SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "OPRET NYT"..   },..   "explanationofflinedisabled": {..      "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse."..   },..   "explanationofflineenabled": {..      "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye."..   },..   "extdesc": {..      "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang."..   },..   "extname": {..      "message": "Google Docs Offline"..   },..   "learnmore": {..      "message": "F. flere oplysninger"..   },..   "popuphelptext": {..      "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\de\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1031
                          Entropy (8bit):4.621865814402898
                          Encrypted:false
                          SSDEEP:
                          MD5:D116453277CC860D196887CEC6432FFE
                          SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                          SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                          SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "NEU ERSTELLEN"..   },..   "explanationofflinedisabled": {..      "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind."..   },..   "explanationofflineenabled": {..      "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen."..   },..   "extdesc": {..      "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung."..   },..   "extname": {..      "message": "Google Docs Offline"..   },..   "learnmore": {..      "message": "Weitere Informationen"..   },..   "popuphelptext": {..      "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen 
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\el\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1613
                          Entropy (8bit):4.618182455684241
                          Encrypted:false
                          SSDEEP:
                          MD5:9ABA4337C670C6349BA38FDDC27C2106
                          SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                          SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                          SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".......... ...."..   },..   "explanationofflinedisabled": {..      "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... .........."..   },..   "explanationofflineenabled": {..      "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... ......."..   },..   "extdesc": {..      "message": ".............., ............ ... ..... .. ......., .
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\en_CA\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):851
                          Entropy (8bit):4.4858053753176526
                          Encrypted:false
                          SSDEEP:
                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREATE NEW"..   },..   "explanationofflinedisabled": {..      "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet."..   },..   "explanationofflineenabled": {..      "message": "You're offline, but you can still edit available files or create new ones."..   },..   "extdesc": {..      "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access."..   },..   "extname": {..      "message": "Google Docs Offline"..   },..   "learnmore": {..      "message": "Learn More"..   },..   "popuphelptext": {..      "message": "Write, edit, and collaborate wherever you are, with or without an internet connection."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\en_GB\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):848
                          Entropy (8bit):4.494568170878587
                          Encrypted:false
                          SSDEEP:
                          MD5:3734D498FB377CF5E4E2508B8131C0FA
                          SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                          SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                          SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREATE NEW"..   },..   "explanationofflinedisabled": {..      "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet."..   },..   "explanationofflineenabled": {..      "message": "You're offline, but you can still edit available files or create new ones."..   },..   "extdesc": {..      "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access."..   },..   "extname": {..      "message": "Google Docs Offline"..   },..   "learnmore": {..      "message": "Learn more"..   },..   "popuphelptext": {..      "message": "Write, edit and collaborate wherever you are, with or without an Internet connection."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\en_US\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1425
                          Entropy (8bit):4.461560329690825
                          Encrypted:false
                          SSDEEP:
                          MD5:578215FBB8C12CB7E6CD73FBD16EC994
                          SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                          SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                          SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createNew": {..      "description": "Text shown in the extension pop up for creating a new document",..      "message": "CREATE NEW"..   },..   "explanationOfflineDisabled": {..      "description": "Text shown in the extension popup when the user is offline and offline is disabled.",..      "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet."..   },..   "explanationOfflineEnabled": {..      "description": "Text shown in the extension popup when the user is offline and offline is enabled.",..      "message": "You're offline, but you can still edit available files or create new ones."..   },..   "extDesc": {..      "description": "Extension description",..      "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access."..   },..   "extName": {..      "description": "Extension name",..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\es\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):961
                          Entropy (8bit):4.537633413451255
                          Encrypted:false
                          SSDEEP:
                          MD5:F61916A206AC0E971CDCB63B29E580E3
                          SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                          SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                          SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREAR"..   },..   "explanationofflinedisabled": {..      "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet."..   },..   "explanationofflineenabled": {..      "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles."..   },..   "extdesc": {..      "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet."..   },..   "extname": {..      "message": "Documentos de Google sin conexi.n"..   },..   "learnmore": {..      "message": "M.s informaci.n"..   },..   "popuphelptext": {..      "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\es_419\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):959
                          Entropy (8bit):4.570019855018913
                          Encrypted:false
                          SSDEEP:
                          MD5:535331F8FB98894877811B14994FEA9D
                          SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                          SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                          SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREAR NUEVO"..   },..   "explanationofflinedisabled": {..      "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet."..   },..   "explanationofflineenabled": {..      "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos."..   },..   "extdesc": {..      "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet"..   },..   "extname": {..      "message": "Documentos de Google sin conexi.n"..   },..   "learnmore": {..      "message": "M.s informaci.n"..   },..   "popuphelptext": {..      "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\et\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):968
                          Entropy (8bit):4.633956349931516
                          Encrypted:false
                          SSDEEP:
                          MD5:64204786E7A7C1ED9C241F1C59B81007
                          SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                          SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                          SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "LOO UUS"..   },..   "explanationofflinedisabled": {..      "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine."..   },..   "explanationofflineenabled": {..      "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua."..   },..   "extdesc": {..      "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta."..   },..   "extname": {..      "message": "V.rgu.henduseta Google.i dokumendid"..   },..   "learnmore": {..      "message": "Lisateave"..   },..   "popuphelptext": {..      "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\fa\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1305
                          Entropy (8bit):4.673517697192589
                          Encrypted:false
                          SSDEEP:
                          MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                          SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                          SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                          SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "..... ... ...."..   },..   "explanationofflinedisabled": {..      "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... ....."..   },..   "explanationofflineenabled": {..      "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... ....."..   },..   "extdesc": {..      "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........"..   },..   "extname": {..      "message": "....... Google .
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\fi\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):911
                          Entropy (8bit):4.6294343834070935
                          Encrypted:false
                          SSDEEP:
                          MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                          SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                          SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                          SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "LUO UUSI"..   },..   "explanationofflinedisabled": {..      "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin."..   },..   "explanationofflineenabled": {..      "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia."..   },..   "extdesc": {..      "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt.."..   },..   "extname": {..      "message": "Google Docsin offline-tila"..   },..   "learnmore": {..      "message": "Lis.tietoja"..   },..   "popuphelptext": {..      "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt.."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\fil\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):939
                          Entropy (8bit):4.451724169062555
                          Encrypted:false
                          SSDEEP:
                          MD5:FCEA43D62605860FFF41BE26BAD80169
                          SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                          SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                          SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "GUMAWA NG BAGO"..   },..   "explanationofflinedisabled": {..      "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet."..   },..   "explanationofflineenabled": {..      "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago."..   },..   "extdesc": {..      "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet."..   },..   "extname": {..      "message": "Google Docs Offline"..   },..   "learnmore": {..      "message": "Matuto Pa"..   },..   "popuphelptext": {..      "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\fr\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):977
                          Entropy (8bit):4.622066056638277
                          Encrypted:false
                          SSDEEP:
                          MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                          SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                          SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                          SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CR.ER"..   },..   "explanationofflinedisabled": {..      "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet."..   },..   "explanationofflineenabled": {..      "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers."..   },..   "extdesc": {..      "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet."..   },..   "extname": {..      "message": "Google.Docs hors connexion"..   },..   "learnmore": {..      "message": "En savoir plus"..   },..   "popuphelptext": {..      "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\fr_CA\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):972
                          Entropy (8bit):4.621319511196614
                          Encrypted:false
                          SSDEEP:
                          MD5:6CAC04BDCC09034981B4AB567B00C296
                          SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                          SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                          SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CR.ER"..   },..   "explanationofflinedisabled": {..      "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet."..   },..   "explanationofflineenabled": {..      "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er."..   },..   "extdesc": {..      "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet."..   },..   "extname": {..      "message": "Google.Documents hors connexion"..   },..   "learnmore": {..      "message": "En savoir plus"..   },..   "popuphelptext": {..      "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\gl\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):990
                          Entropy (8bit):4.497202347098541
                          Encrypted:false
                          SSDEEP:
                          MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                          SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                          SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                          SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREAR NOVO"..   },..   "explanationofflinedisabled": {..      "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet."..   },..   "explanationofflineenabled": {..      "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos."..   },..   "extdesc": {..      "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet."..   },..   "extname": {..      "message": "Documentos de Google sen conexi.n"..   },..   "learnmore": {..      "message": "M.is informaci.n"..   },..   "popuphelptext": {..      "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\gu\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1658
                          Entropy (8bit):4.294833932445159
                          Encrypted:false
                          SSDEEP:
                          MD5:BC7E1D09028B085B74CB4E04D8A90814
                          SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                          SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                          SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".... ....."..   },..   "explanationofflinedisabled": {..      "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ...."..   },..   "explanationofflineenabled": {..      "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ..."..   },..   "extdesc": {..      "message": "..... ........., ..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\hi\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1672
                          Entropy (8bit):4.314484457325167
                          Encrypted:false
                          SSDEEP:
                          MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                          SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                          SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                          SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "... ....."..   },..   "explanationofflinedisabled": {..      "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... ....."..   },..   "explanationofflineenabled": {..      "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ...."..   },..   "extdesc": {..      "message": ".... .... ....... ...... .. 
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\hr\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):935
                          Entropy (8bit):4.6369398601609735
                          Encrypted:false
                          SSDEEP:
                          MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                          SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                          SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                          SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "IZRADI NOVI"..   },..   "explanationofflinedisabled": {..      "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom."..   },..   "explanationofflineenabled": {..      "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove."..   },..   "extdesc": {..      "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu."..   },..   "extname": {..      "message": "Google dokumenti izvanmre.no"..   },..   "learnmore": {..      "message": "Saznajte vi.e"..   },..   "popuphelptext": {..      "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\hu\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1065
                          Entropy (8bit):4.816501737523951
                          Encrypted:false
                          SSDEEP:
                          MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                          SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                          SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                          SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".J L.TREHOZ.SA"..   },..   "explanationofflinedisabled": {..      "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st."..   },..   "explanationofflineenabled": {..      "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat."..   },..   "extdesc": {..      "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is."..   },..   "extname": {..      "message": "Google Dokumentumok Offline"..   },..   "learnmore": {..      "message": "Tov.bbi inform.ci."..   },..   "popuphelptext": {..      "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\id\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):858
                          Entropy (8bit):4.474411340525479
                          Encrypted:false
                          SSDEEP:
                          MD5:34D6EE258AF9429465AE6A078C2FB1F5
                          SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                          SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                          SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "BUAT BARU"..   },..   "explanationofflinedisabled": {..      "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet."..   },..   "explanationofflineenabled": {..      "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru."..   },..   "extdesc": {..      "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet."..   },..   "extname": {..      "message": "Google Dokumen Offline"..   },..   "learnmore": {..      "message": "Pelajari Lebih Lanjut"..   },..   "popuphelptext": {..      "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\it\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):899
                          Entropy (8bit):4.474743599345443
                          Encrypted:false
                          SSDEEP:
                          MD5:0D82B734EF045D5FE7AA680B6A12E711
                          SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                          SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                          SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREA NUOVO"..   },..   "explanationofflinedisabled": {..      "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet."..   },..   "explanationofflineenabled": {..      "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi."..   },..   "extdesc": {..      "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet."..   },..   "extname": {..      "message": "Documenti Google offline"..   },..   "learnmore": {..      "message": "Ulteriori informazioni"..   },..   "popuphelptext": {..      "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ja\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1160
                          Entropy (8bit):5.292894989863142
                          Encrypted:false
                          SSDEEP:
                          MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                          SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                          SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                          SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "...."..   },..   "explanationofflinedisabled": {..      "message": "....................... Google ............................... Google .............. [..] .......[.......] ..........."..   },..   "explanationofflineenabled": {..      "message": "............................................."..   },..   "extdesc": {..      "message": "........................................................."..   },..   "extname": {..      "message": "Google ..... ......"..   },..   "learnmore": {..      "message": ".."..   },..   "popuphelp
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\kn\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1895
                          Entropy (8bit):4.28990403715536
                          Encrypted:false
                          SSDEEP:
                          MD5:38BE0974108FC1CC30F13D8230EE5C40
                          SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                          SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                          SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "........ ....."..   },..   "explanationofflinedisabled": {..      "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... ....."..   },..   "explanationofflineenabled": {..      "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ ..........".. 
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ko\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1042
                          Entropy (8bit):5.3945675025513955
                          Encrypted:false
                          SSDEEP:
                          MD5:F3E59EEEB007144EA26306C20E04C292
                          SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                          SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                          SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".. ..."..   },..   "explanationofflinedisabled": {..      "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......"..   },..   "explanationofflineenabled": {..      "message": ".... ...... ... .. ... ... ..... ... ... .. . ....."..   },..   "extdesc": {..      "message": ".... .... ... .., ...... . ....... .., .., ......"..   },..   "extname": {..      "message": "Google Docs ...."..   },..   "learnmore": {..      "message": "... ...."..   },..   "popuphelptext": {..      "message": "... .. ... .... ..... .... .... .....
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\lt\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1028
                          Entropy (8bit):4.797571191712988
                          Encrypted:false
                          SSDEEP:
                          MD5:970544AB4622701FFDF66DC556847652
                          SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                          SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                          SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "SUKURTI NAUJ."..   },..   "explanationofflinedisabled": {..      "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto."..   },..   "explanationofflineenabled": {..      "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj.."..   },..   "extdesc": {..      "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto."..   },..   "extname": {..      "message": ".Google. dokumentai neprisijungus"..   },..   "learnmore": {..      "message": "Su.inoti daugiau"..   },..   "popuphelptext": {..      "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\lv\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):994
                          Entropy (8bit):4.700308832360794
                          Encrypted:false
                          SSDEEP:
                          MD5:A568A58817375590007D1B8ABCAEBF82
                          SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                          SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                          SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "IZVEIDOT JAUNU"..   },..   "explanationofflinedisabled": {..      "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist.."..   },..   "explanationofflineenabled": {..      "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus."..   },..   "extdesc": {..      "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu."..   },..   "extname": {..      "message": "Google dokumenti bezsaist."..   },..   "learnmore": {..      "message": "Uzziniet vair.k"..   },..   "popuphelptext": {..      "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ml\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):2091
                          Entropy (8bit):4.358252286391144
                          Encrypted:false
                          SSDEEP:
                          MD5:4717EFE4651F94EFF6ACB6653E868D1A
                          SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                          SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                          SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "....... ............"..   },..   "explanationofflinedisabled": {..      "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' ........."..   },..   "explanationofflineenabled": {..      "message": "................., .......... ......... ....... ...... ..............
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\mr\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1719
                          Entropy (8bit):4.287702203591075
                          Encrypted:false
                          SSDEEP:
                          MD5:3B98C4ED8874A160C3789FEAD5553CFA
                          SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                          SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                          SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".... .... ..."..   },..   "explanationofflinedisabled": {..      "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ...."..   },..   "explanationofflineenabled": {..      "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... ....."..   },..   "extdesc": {..      "message": "..... ..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ms\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):936
                          Entropy (8bit):4.457879437756106
                          Encrypted:false
                          SSDEEP:
                          MD5:7D273824B1E22426C033FF5D8D7162B7
                          SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                          SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                          SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "BUAT BAHARU"..   },..   "explanationofflinedisabled": {..      "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini."..   },..   "explanationofflineenabled": {..      "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu."..   },..   "extdesc": {..      "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet."..   },..   "extname": {..      "message": "Google Docs Luar Talian"..   },..   "learnmore": {..      "message": "Ketahui Lebih Lanjut"..   },..   "popuphelptext": {..      "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ne\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1898
                          Entropy (8bit):4.187050294267571
                          Encrypted:false
                          SSDEEP:
                          MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                          SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                          SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                          SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".... ....... ........."..   },..   "explanationofflinedisabled": {..      "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. .........."..   },..   "explanationofflineenabled": {..      "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\nl\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):914
                          Entropy (8bit):4.513485418448461
                          Encrypted:false
                          SSDEEP:
                          MD5:32DF72F14BE59A9BC9777113A8B21DE6
                          SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                          SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                          SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "NIEUW MAKEN"..   },..   "explanationofflinedisabled": {..      "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan."..   },..   "explanationofflineenabled": {..      "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken."..   },..   "extdesc": {..      "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang."..   },..   "extname": {..      "message": "Offline Documenten"..   },..   "learnmore": {..      "message": "Meer informatie"..   },..   "popuphelptext": {..      "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\no\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):878
                          Entropy (8bit):4.4541485835627475
                          Encrypted:false
                          SSDEEP:
                          MD5:A1744B0F53CCF889955B95108367F9C8
                          SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                          SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                          SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "OPPRETT NYTT"..   },..   "explanationofflinedisabled": {..      "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett."..   },..   "explanationofflineenabled": {..      "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye."..   },..   "extdesc": {..      "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang."..   },..   "extname": {..      "message": "Google Dokumenter uten nett"..   },..   "learnmore": {..      "message": "Finn ut mer"..   },..   "popuphelptext": {..      "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\pl\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):978
                          Entropy (8bit):4.879137540019932
                          Encrypted:false
                          SSDEEP:
                          MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                          SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                          SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                          SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "UTW.RZ NOWY"..   },..   "explanationofflinedisabled": {..      "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu."..   },..   "explanationofflineenabled": {..      "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe."..   },..   "extdesc": {..      "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem."..   },..   "extname": {..      "message": "Dokumenty Google offline"..   },..   "learnmore": {..      "message": "Wi.cej informacji"..   },..   "popuphelptext": {..      "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\pt_BR\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):907
                          Entropy (8bit):4.599411354657937
                          Encrypted:false
                          SSDEEP:
                          MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                          SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                          SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                          SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CRIAR NOVO"..   },..   "explanationofflinedisabled": {..      "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line."..   },..   "explanationofflineenabled": {..      "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos."..   },..   "extdesc": {..      "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet."..   },..   "extname": {..      "message": "Documentos Google off-line"..   },..   "learnmore": {..      "message": "Saiba mais"..   },..   "popuphelptext": {..      "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\pt_PT\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):914
                          Entropy (8bit):4.604761241355716
                          Encrypted:false
                          SSDEEP:
                          MD5:0963F2F3641A62A78B02825F6FA3941C
                          SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                          SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                          SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CRIAR NOVO"..   },..   "explanationofflinedisabled": {..      "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet."..   },..   "explanationofflineenabled": {..      "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros."..   },..   "extdesc": {..      "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet."..   },..   "extname": {..      "message": "Google Docs offline"..   },..   "learnmore": {..      "message": "Saber mais"..   },..   "popuphelptext": {..      "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ro\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):937
                          Entropy (8bit):4.686555713975264
                          Encrypted:false
                          SSDEEP:
                          MD5:BED8332AB788098D276B448EC2B33351
                          SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                          SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                          SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "CREEAZ. UN DOCUMENT"..   },..   "explanationofflinedisabled": {..      "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet."..   },..   "explanationofflineenabled": {..      "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele."..   },..   "extdesc": {..      "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet."..   },..   "extname": {..      "message": "Documente Google Offline"..   },..   "learnmore": {..      "message": "Afl. mai multe"..   },..   "popuphelptext": {..      "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ru\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1337
                          Entropy (8bit):4.69531415794894
                          Encrypted:false
                          SSDEEP:
                          MD5:51D34FE303D0C90EE409A2397FCA437D
                          SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                          SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                          SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "......."..   },..   "explanationofflinedisabled": {..      "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... ........."..   },..   "explanationofflineenabled": {..      "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-......."..   },..   "extdesc": {..      "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . .........."..   },..   "extname": {..      "message": "Google.......... ......"..   },..   "learnmore": {.
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\sk\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):934
                          Entropy (8bit):4.882122893545996
                          Encrypted:false
                          SSDEEP:
                          MD5:8E55817BF7A87052F11FE554A61C52D5
                          SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                          SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                          SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "VYTVORI. NOV."..   },..   "explanationofflinedisabled": {..      "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu."..   },..   "explanationofflineenabled": {..      "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov.."..   },..   "extdesc": {..      "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet."..   },..   "extname": {..      "message": "Dokumenty Google v re.ime offline"..   },..   "learnmore": {..      "message": ".al.ie inform.cie"..   },..   "popuphelptext": {..      "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\sl\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):963
                          Entropy (8bit):4.6041913416245
                          Encrypted:false
                          SSDEEP:
                          MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                          SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                          SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                          SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "USTVARI NOVO"..   },..   "explanationofflinedisabled": {..      "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo."..   },..   "explanationofflineenabled": {..      "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove."..   },..   "extdesc": {..      "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa."..   },..   "extname": {..      "message": "Google Dokumenti brez povezave"..   },..   "learnmore": {..      "message": "Ve. o tem"..   },..   "popuphelptext": {..      "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\sr\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1320
                          Entropy (8bit):4.569671329405572
                          Encrypted:false
                          SSDEEP:
                          MD5:7F5F8933D2D078618496C67526A2B066
                          SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                          SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                          SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "....... ...."..   },..   "explanationofflinedisabled": {..      "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ..........."..   },..   "explanationofflineenabled": {..      "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... ....."..   },..   "extdesc": {..      "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ ........."..   },..   "extname": {..      "message
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\sv\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):884
                          Entropy (8bit):4.627108704340797
                          Encrypted:false
                          SSDEEP:
                          MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                          SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                          SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                          SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "SKAPA NYTT"..   },..   "explanationofflinedisabled": {..      "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet."..   },..   "explanationofflineenabled": {..      "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya."..   },..   "extdesc": {..      "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst."..   },..   "extname": {..      "message": "Google Dokument Offline"..   },..   "learnmore": {..      "message": "L.s mer"..   },..   "popuphelptext": {..      "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\sw\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):980
                          Entropy (8bit):4.50673686618174
                          Encrypted:false
                          SSDEEP:
                          MD5:D0579209686889E079D87C23817EDDD5
                          SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                          SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                          SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "FUNGUA MPYA"..   },..   "explanationofflinedisabled": {..      "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao."..   },..   "explanationofflineenabled": {..      "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya."..   },..   "extdesc": {..      "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti."..   },..   "extname": {..      "message": "Hati za Google Nje ya Mtandao"..   },..   "learnmore": {..      "message": "Pata Maelezo Zaidi"..   },..   "popuphelptext": {..      "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ta\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1941
                          Entropy (8bit):4.132139619026436
                          Encrypted:false
                          SSDEEP:
                          MD5:DCC0D1725AEAEAAF1690EF8053529601
                          SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                          SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                          SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "..... ....... ........."..   },..   "explanationofflinedisabled": {..      "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... .........."..   },..   "explanationofflineenabled": {..      "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\te\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1969
                          Entropy (8bit):4.327258153043599
                          Encrypted:false
                          SSDEEP:
                          MD5:385E65EF723F1C4018EEE6E4E56BC03F
                          SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                          SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                          SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "..... ...... ........ ......"..   },..   "explanationofflinedisabled": {..      "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... ......."..   },..   "explanationofflineenabled": {..      "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\th\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1674
                          Entropy (8bit):4.343724179386811
                          Encrypted:false
                          SSDEEP:
                          MD5:64077E3D186E585A8BEA86FF415AA19D
                          SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                          SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                          SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "........."..   },..   "explanationofflinedisabled": {..      "message": ".............. ............. Google .................................... ............................... Google ...... ................................................................."..   },..   "explanationofflineenabled": {..      "message": "................................................................"..   },..   "extdesc": {..      "message": "..... ..... ........
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\tr\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1063
                          Entropy (8bit):4.853399816115876
                          Encrypted:false
                          SSDEEP:
                          MD5:76B59AAACC7B469792694CF3855D3F4C
                          SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                          SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                          SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "YEN. OLU.TUR"..   },..   "explanationofflinedisabled": {..      "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin."..   },..   "explanationofflineenabled": {..      "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz."..   },..   "extdesc": {..      "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz."..   },..   "extname": {..      "message": "Google Dok.manlar .evrimd..."..   },..   "learnmore": {..      "message": "Daha Fazla Bilgi"..   },..   "popuphelptext": {..      "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\uk\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1333
                          Entropy (8bit):4.686760246306605
                          Encrypted:false
                          SSDEEP:
                          MD5:970963C25C2CEF16BB6F60952E103105
                          SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                          SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                          SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "........"..   },..   "explanationofflinedisabled": {..      "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . ......."..   },..   "explanationofflineenabled": {..      "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... ....."..   },..   "extdesc": {..      "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. .........."..   },..   "extname": {..      "message": "Goo
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\ur\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1263
                          Entropy (8bit):4.861856182762435
                          Encrypted:false
                          SSDEEP:
                          MD5:8B4DF6A9281333341C939C244DDB7648
                          SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                          SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                          SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "... ......"..   },..   "explanationofflinedisabled": {..      "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. ....."..   },..   "explanationofflineenabled": {..      "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ...."..   },..   "extdesc": {..      "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... ......."..   },..   "extname": {..      "message": "Google Docs .. ...."..   },..   "learnmore": {.. 
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\vi\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):1074
                          Entropy (8bit):5.062722522759407
                          Encrypted:false
                          SSDEEP:
                          MD5:773A3B9E708D052D6CBAA6D55C8A5438
                          SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                          SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                          SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "T.O M.I"..   },..   "explanationofflinedisabled": {..      "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet."..   },..   "explanationofflineenabled": {..      "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i."..   },..   "extdesc": {..      "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet."..   },..   "extname": {..      "message": "Google T.i li.u ngo.i tuy.n"..   },..   "learnmore": {..      "message": "Ti.m hi..u th.m"..   },..   "popuphelptext": {..      "message": "Vi.t, ch.nh s.a v. c.ng t.c 
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\zh_CN\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):879
                          Entropy (8bit):5.7905809868505544
                          Encrypted:false
                          SSDEEP:
                          MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                          SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                          SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                          SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": ".."..   },..   "explanationofflinedisabled": {..      "message": "....................... Google ................ Google ...................."..   },..   "explanationofflineenabled": {..      "message": "............................."..   },..   "extdesc": {..      "message": "...................... - ........"..   },..   "extname": {..      "message": "Google ......."..   },..   "learnmore": {..      "message": "...."..   },..   "popuphelptext": {..      "message": "..............................."..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_locales\zh_TW\messages.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):843
                          Entropy (8bit):5.76581227215314
                          Encrypted:false
                          SSDEEP:
                          MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                          SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                          SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                          SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                          Malicious:false
                          Reputation:unknown
                          Preview:{..   "createnew": {..      "message": "....."..   },..   "explanationofflinedisabled": {..      "message": ".................. Google ................ Google ................."..   },..   "explanationofflineenabled": {..      "message": "........................."..   },..   "extdesc": {..      "message": "............................."..   },..   "extname": {..      "message": "Google ....."..   },..   "learnmore": {..      "message": "...."..   },..   "popuphelptext": {..      "message": "................................"..   }..}..
                          C:\Users\user\AppData\Local\Temp\scoped_dir7116_142696878\CRX_INSTALL\_metadata\verified_contents.json
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          File Type:JSON data
                          Category:dropped
                          Size (bytes):11280
                          Entropy (8bit):5.753540530582996
                          Encrypted:false
                          SSDEEP:
                          MD5:3B2ADA9A6C4A36317B9F2FD4DC477286
                          SHA1:AAA98236263AF2E89EC656FB77C1CE6109A0C406
                          SHA-256:D65B75256E92E254A2901FC8B098B085BACDE8C8B4573D62A767685C99CF4E13
                          SHA-512:9999147C4A20D03E11E2493FC74BA6EF4BDE16F173E66A9E32D4E1AC136BFA205C64FD43349FBEA07FFCBC855BF07CF2D15B1F274CA80B1BFC8463F6AA4AB2F1
                          Malicious:false
                          Reputation:unknown
                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN
                          C:\Users\user\AppData\Local\Temp\~DF17E9DDF6AEF0310D.TMP
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):163840
                          Entropy (8bit):0.34332525054192675
                          Encrypted:false
                          SSDEEP:
                          MD5:9230E8C2BE720557E35AB9C282C362A2
                          SHA1:A210854D651AB0FBF527D718B2D0763EF2936F72
                          SHA-256:9BC9AEA9E563A51C1C7B2F3BC454E4776B45A29E8C474EFAC9D10F2BC4427D4B
                          SHA-512:16E37E4632F42EA1BA3986E5EC95A534351CFB836B0B0A58C7D49DE82C0AA530630D585691E4E1FB0625C7A6EB4871866812C37972667E344C8E631FE37903C7
                          Malicious:false
                          Reputation:unknown
                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):30
                          Entropy (8bit):1.2389205950315936
                          Encrypted:false
                          SSDEEP:
                          MD5:2E3D00DAF15BDB8422CBE1540159600E
                          SHA1:63ED0989058A73F83E07CF90E4EC61969A223DF0
                          SHA-256:AAA56BB4A3DEC781EABC024717855C25964C158D27300FF9646FD934FD1F6852
                          SHA-512:D24397D9C3AFA2A4C8FC61C5DFBD35B614A2882BAFDAD0B1F2734D0EDF459D12E65DCAF4BC34F80B4BC9DC3C4A45BB5062CB1A1B96F292766064E06FC7B56B6F
                          Malicious:false
                          Reputation:unknown
                          Preview:....%.........................
                          C:\Users\user\AppData\Roaming\Microsoft\Outlook\NoEmail.srs
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:Composite Document File V2 Document, Cannot read section info
                          Category:dropped
                          Size (bytes):16384
                          Entropy (8bit):0.670318416006586
                          Encrypted:false
                          SSDEEP:
                          MD5:25246E8A3567D80559872FF57B9C30A6
                          SHA1:AADC4227A31FA1DF4756222D9A20D4758AF2B1B9
                          SHA-256:0713B2F362D1904FB3D6D4BC1D24DFFF85038407E96045E86BA02C9FD378881A
                          SHA-512:86A42F42B86850D7811CEFAB1EFA1D26A1F347A47C8D769FDEF932614F0A24790DC655F34CFFEE100665A9B7DEED51C4480B67F3B234E7E64D61277D90F261B5
                          Malicious:false
                          Reputation:unknown
                          Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
                          Download File
      
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct  3 09:48:42 2023, mtime=Mon Sep 30 12:43:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2673
                          Entropy (8bit):3.976575224232581
                          Encrypted:false
                          SSDEEP:
                          MD5:C985F4C1328CA387E2456D48927BAEF9
                          SHA1:288D13E9ECEA24D5C7F5945349D101B16699DDAC
                          SHA-256:B926C1B3878BBF4EB9A693F86AF29B3D46D1F0A6066B4B4338AD1D926FAAD048
                          SHA-512:D94FD5551851BD28C468783DBCB6024DCCFC6AAF291F656109F89C3AB7DE90F6B5FACDD83FA97BAAD0599F8A4CB42141AF1EF8233B7064724DA7AFA1944156FC
                          Malicious:false
                          Reputation:unknown
                          Preview:L..................F.@.. ...$+.,........>...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yhm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ytm....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ytm....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ytm..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yvm...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............l.-.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
                          Download File
      
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct  3 09:48:42 2023, mtime=Mon Sep 30 12:43:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2675
                          Entropy (8bit):3.992788347146632
                          Encrypted:false
                          SSDEEP:
                          MD5:8DFE5E9B113071058D52A92CE85B7FD7
                          SHA1:54736FA937A08C0E97459ED205B09DFDE5C948D8
                          SHA-256:8DADA74D08C64AD483F84960F5A2E144064BC459858CD70E8F1F897CF1E59559
                          SHA-512:63E6EAD7E182FA06A0BC0819D4FCEE513B1C9FAAF99D17A3143D98E5C336037645D43FA97797A33802DA74A163C1D0C8524C02564898AC4375E70BE7B924C403
                          Malicious:false
                          Reputation:unknown
                          Preview:L..................F.@.. ...$+.,.......>...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yhm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ytm....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ytm....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ytm..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yvm...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............l.-.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
                          Download File
      
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct  3 09:48:42 2023, mtime=Fri Oct  6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2689
                          Entropy (8bit):4.000617489039471
                          Encrypted:false
                          SSDEEP:
                          MD5:D2052B80B82852935BFED57A3187625A
                          SHA1:B3DD01FF17E0CAD6A7BDC0CD849AEE344336B222
                          SHA-256:6C4134C9A6FEED20E5D714BF548E25BF01948A973B804D3DE66BA8E5344FD408
                          SHA-512:A768E0A15A7B7428D13C5D76628A9DDA2E41C356D2F5561CCB992ECE19B444DA5DF0573724462346EDF08308AA69E063C7E0A48502B13C115A2B20294D71473F
                          Malicious:false
                          Reputation:unknown
                          Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yhm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ytm....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ytm....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ytm..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............l.-.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
                          Download File
      
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct  3 09:48:42 2023, mtime=Mon Sep 30 12:43:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2677
                          Entropy (8bit):3.9909573568030625
                          Encrypted:false
                          SSDEEP:
                          MD5:1A9577ED5D7C592FE4A801E33DBFB9B9
                          SHA1:F5F3BD98A5A4ADE4A52A5F647E56A2E113594195
                          SHA-256:FEBF693BC11009A08AF295073F238B25FD82D4F84E0AD0262410366870DBEDA7
                          SHA-512:042B1F229C6F65067421963D6F4D9B5CF031CA6CD463C0F047C8E61DF595E1D4895B36A32A4E56B94CF23FD956F6266284979FCD083293657419D2387067E46E
                          Malicious:false
                          Reputation:unknown
                          Preview:L..................F.@.. ...$+.,.......>...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yhm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ytm....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ytm....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ytm..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yvm...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............l.-.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
                          Download File
      
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct  3 09:48:42 2023, mtime=Mon Sep 30 12:43:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2677
                          Entropy (8bit):3.980586797920817
                          Encrypted:false
                          SSDEEP:
                          MD5:CAA6A8FF388B4A080493767BEFFB438F
                          SHA1:A1D8F215FF3549203C256FBC9481CB5DB45DB3B5
                          SHA-256:0AD8DCB3165A533E215F9377FE58D172D8C5B4853DC39B3EA9ADDB42702002FF
                          SHA-512:276EA3B01939CC51BC239AE83EC93C4734A833E66BFDB931A3EE016D4C5B3844D52D9ACDAD16F0047D3BED1EFD7F287433DB81C2A0DE0450BD2D062882B41C40
                          Malicious:false
                          Reputation:unknown
                          Preview:L..................F.@.. ...$+.,....|...>...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yhm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ytm....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ytm....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ytm..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yvm...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............l.-.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
                          Download File
      
                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct  3 09:48:42 2023, mtime=Mon Sep 30 12:43:42 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                          Category:dropped
                          Size (bytes):2679
                          Entropy (8bit):3.9880842487389967
                          Encrypted:false
                          SSDEEP:
                          MD5:B217920B2282BD7120705D57981451C5
                          SHA1:CD4DCD063568C51E5B959DC3B9E1E9E9D60EC73A
                          SHA-256:FC408F8D7B88647D25C39FED8794D2BC17C6B3CA95FB5AD5307FF77E81DC8D7C
                          SHA-512:51AC09E02B6A475336C6F43B3E66AAAB02A29006262B43166DAC48ABA44515CB28A193029509B68703CDA318C5CE7B862A755A11A51ED8F88EE00A4AFB4B8126
                          Malicious:false
                          Reputation:unknown
                          Preview:L..................F.@.. ...$+.,........>...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I>Yhm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V>Ytm....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V>Ytm....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V>Ytm..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V>Yvm...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............l.-.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                          C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:Microsoft Outlook email folder (>=2003)
                          Category:dropped
                          Size (bytes):271360
                          Entropy (8bit):1.4985884476983176
                          Encrypted:false
                          SSDEEP:
                          MD5:06D113BA9B7F68D56606B0C6A23DC90D
                          SHA1:C9AEF1F055D6D06432B0F6BD974AE1A94F4C5A90
                          SHA-256:35AA66B228743C6E406BCA0E4CD9A468DD2848789105E11CC95103C1D7065361
                          SHA-512:5E9277DBB1502AD8E945448F1D32BB88C5121DAED216002DB87DA37438B85CDB07EBDFC984B601839E1154B66CD692A0F91AF72EE9969BBC8907D6B1EFA6A2EB
                          Malicious:false
                          Reputation:unknown
                          Preview:!BDN..8.SM......\.......................\................@...........@...@...................................@...........................................................................$.......D.......:....................... ..................................................................................................................................................................................................................................................................................................H.......\V.$.[......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                          C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
                          Download File
      
                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                          File Type:data
                          Category:dropped
                          Size (bytes):131072
                          Entropy (8bit):0.9579244116690735
                          Encrypted:false
                          SSDEEP:
                          MD5:FBC6B615F79930061987A5A6776DC77D
                          SHA1:159DDC0EDB277C4D0BC3672F6EC9D4E00DB9CB0C
                          SHA-256:A7F9FA1E0CA7D4ED2A61DDB95273C942AAC18D13451676803E5516F850869AEA
                          SHA-512:D34C1C60B7BFB588D6AB333D9A013708C5450F78A9AB3289DA63DE20C99303EEEC2F3328E8A564CA927A3FB31EC5BD6FC1B35A6C1AB51415AD4778054AD51CC7
                          Malicious:false
                          Reputation:unknown
                          Preview:.B..C...K.............~.>.....................#.!BDN..8.SM......\.......................\................@...........@...@...................................@...........................................................................$.......D.......:....................... ..................................................................................................................................................................................................................................................................................................H.......\V.$.[....~.>........B............#.........................................................................................................................................................................................................................................................................................................................................................................................................
                          Static File Info
                          General
                          File type:CDFV2 Microsoft Outlook Message
                          Entropy (8bit):3.901449502762948
                          TrID:
                          • Outlook Message (71009/1) 58.92%
                          • Outlook Form Template (41509/1) 34.44%
                          • Generic OLE2 / Multistream Compound File (8008/1) 6.64%
                          File name:Un nouveau document est dsormais disponible_.msg
                          File size:33'792 bytes
                          MD5:82783ac612da77ad7b054967c45e69d0
                          SHA1:402dcb0c84e9045e0536ae5ad7b8c0417a202582
                          SHA256:270ef90c86e90cdcc84e8ab11867729b19cb4d243637d448b1114b620b672c82
                          SHA512:253d8e7862140d367cb6928380f22aee3628c83affd6252882532a9b3be11231ed9b35ca8aa35125a0a43951986966ee0cc3840be379681927018e6e4150c718
                          SSDEEP:768:J/wNoCZfE6bGGHPr5bzYIIBfvnWs5nNIXPoZ3aCurrxN0YPIdHo:mGGHPr5bs5zQQZ3IDq
                          TLSH:89E2581536E54605F2BA9F325DF6809786377CD2ED31C38F2299730E0B72980A971B6B
                          File Content Preview:........................>......................................................................................................................................................................................................................................
                          Static Mail
                          General
                          Subject:Un nouveau document est dsormais disponible.
                          From:Direction Generale <nepas-repondre@webmail.apsvt.fr>
                          To:<luca@cuzziol.it>
                          Cc:
                          BCC:
                          Date:Mon, 30 Sep 2024 13:11:53 +0200
                          Communications:
                          •  
 <https://pbs.twimg.com/profile_images/1646948800278175773/cl7hvpgZ_400x400.jpg> 	
 	 
Bonjour Madame, Monsieur,

Un nouveau document est dsormais disponible.

Connectez-vous  votre espace personnel  distance pour consulter le nouveau document. Sur notre site ou notre application mobile, Vous avez l'opportunit de consulter les Documents. 
 

Accder  mon espace  <https://alismus.com/fr> 	 

Pour toute information, utilisez la rubrique  Questions ?  en bas de la page daccueil du site ou, si besoin, la messagerie scurise depuis votre espace particulier.

Cordialement,

Lquipe Gouvernement


                          Attachments:
                            Headers
                            Key Value
                            Receivedfrom c-h2.archive-host.com (localhost [127.0.0.1])	by
                             2024 1336:23 +0200
                             Transport; Mon, 30 Sep 2024 1336:23 +0200
                             Mon, 30 Sep 2024 1336:22 +0200 (CEST)
                            Received-SPFnone (webmail.apsvt.fr: No applicable sender policy available) receiver=pmg.cuzziol.local; identity=mailfrom; envelope-from="nepas-repondre@webmail.apsvt.fr"; helo=webmail.apsvt.fr; client-ip=95.110.191.197
                             Mon, 30 Sep 2024 1111:53 +0000 (UTC)
                            FromDirection Generale <nepas-repondre@webmail.apsvt.fr>
                            To<luca@cuzziol.it>
                            SubjectUn nouveau document est dsormais disponible.
                            Message-ID<bba7e32d-5f75-487b-aa69-dce9872abecf@email.amazonses.com>
                            MIME-Version1.0
                            Content-Typetext/html; charset="utf-8"
                            Content-Transfer-Encoding8bit
                            DateMon, 30 Sep 2024 11:11:53 +0000
                            X-SPAM-LEVELSpam detection results:  6
                            	RAZOR2_CHECK            0.922 Listed in Razor2 (http//razor.sf.net/)
                            	SPF_HELO_NONE           0.001 SPFHELO does not publish an SPF Record
                            	SPF_NONE                0.001 SPFsender does not publish an SPF Record
                            Return-Pathnepas-repondre@webmail.apsvt.fr
                            X-MS-Exchange-Organization-AuthSourceEXCH01.cuzziol.local
                            X-MS-Exchange-Organization-AuthAsAnonymous
                            dateMon, 30 Sep 2024 13:11:53 +0200

                            File Icon
                            Icon Hash:c4e1928eacb280a2