Windows Analysis Report
Illustrator_Set-Up.exe

Overview

General Information

Sample name:	Illustrator_Set-Up.exe
Analysis ID:	1529343
MD5:	72b180dbff325139bf4b1e24f935b9c1
SHA1:	185aade4b3521bf6fe04231130e097532406a51b
SHA256:	283672e422288d90838d3a0bdcd0a6cf56cc506b8ccd4fdb2c68b3ca9d3bc3f3
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Query firmware table information (likely to detect VMs)

Creates a process in suspended mode (likely to inject code)

Detected non-DNS traffic on DNS port

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

May sleep (evasive loops) to hinder dynamic analysis

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

PE file contains an invalid checksum

PE file contains executable resources (Code or Archives)

Queries disk information (often used to detect virtual machines)

Queries information about the installed CPU (vendor, model number etc)

Queries keyboard layouts

Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sigma detected: Suspicious Execution From GUID Like Folder Names

Stores files to the Windows start menu directory

Uses 32bit PE files

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Signatures

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION Illustrator_Set-Up.exe

Uses 32bit PE files

Source: Illustrator_Set-Up.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: Illustrator_Set-Up.exe

Static PE information: certificate valid

Source: unknown	HTTPS traffic detected: 18.245.60.45:443 -> 192.168.2.16:59595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:59609 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59616 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59617 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59618 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.211.200.223:443 -> 192.168.2.16:59619 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.104.34.11:443 -> 192.168.2.16:59640 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.50.73.9:443 -> 192.168.2.16:62554 version: TLS 1.2

Source: Illustrator_Set-Up.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Local Storage\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\

Source: chrome.exe

Memory has grown: Private usage: 2MB later: 28MB

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222

Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: delegated.adobelogin.com
Source: global traffic	DNS traffic detected: DNS query: ims-na1.adobelogin.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: use.typekit.net
Source: global traffic	DNS traffic detected: DNS query: static.adobelogin.com
Source: global traffic	DNS traffic detected: DNS query: p.typekit.net

Source: unknown	Network traffic detected: HTTP traffic on port 62567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62538 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62476 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62498 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62475 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown	Network traffic detected: HTTP traffic on port 62549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51176
Source: unknown	Network traffic detected: HTTP traffic on port 59619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62502
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59587
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51180
Source: unknown	Network traffic detected: HTTP traffic on port 59636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62503
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59589
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59588
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62505
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51184
Source: unknown	Network traffic detected: HTTP traffic on port 51215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51185
Source: unknown	Network traffic detected: HTTP traffic on port 51209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51183
Source: unknown	Network traffic detected: HTTP traffic on port 51186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62480
Source: unknown	Network traffic detected: HTTP traffic on port 62519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59629
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59633
Source: unknown	Network traffic detected: HTTP traffic on port 51208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62475
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62476
Source: unknown	Network traffic detected: HTTP traffic on port 62537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59639
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59638
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59637
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59636
Source: unknown	Network traffic detected: HTTP traffic on port 62554 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59641
Source: unknown	Network traffic detected: HTTP traffic on port 51198 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59640
Source: unknown	Network traffic detected: HTTP traffic on port 62502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62489
Source: unknown	Network traffic detected: HTTP traffic on port 59641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62565 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62498
Source: unknown	Network traffic detected: HTTP traffic on port 59623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62570 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62514 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59597 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59634 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62557
Source: unknown	Network traffic detected: HTTP traffic on port 59611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62558
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62559
Source: unknown	Network traffic detected: HTTP traffic on port 62553 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62524 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62550
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62551
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62552
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62553
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62554
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62555
Source: unknown	Network traffic detected: HTTP traffic on port 59640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62556
Source: unknown	Network traffic detected: HTTP traffic on port 51191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59589 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62570
Source: unknown	Network traffic detected: HTTP traffic on port 59595 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62569
Source: unknown	Network traffic detected: HTTP traffic on port 51207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62560
Source: unknown	Network traffic detected: HTTP traffic on port 51184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62562
Source: unknown	Network traffic detected: HTTP traffic on port 62558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62563
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62564
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62565
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62567
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51207
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59609
Source: unknown	Network traffic detected: HTTP traffic on port 62546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62571 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51209
Source: unknown	Network traffic detected: HTTP traffic on port 59590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59608
Source: unknown	Network traffic detected: HTTP traffic on port 62513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59607
Source: unknown	Network traffic detected: HTTP traffic on port 59639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62569 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59604
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51201
Source: unknown	Network traffic detected: HTTP traffic on port 59616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59611
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59610
Source: unknown	Network traffic detected: HTTP traffic on port 51178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62571
Source: unknown	Network traffic detected: HTTP traffic on port 51189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59617
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59619
Source: unknown	Network traffic detected: HTTP traffic on port 51197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59618
Source: unknown	Network traffic detected: HTTP traffic on port 59633 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59612
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59620
Source: unknown	Network traffic detected: HTTP traffic on port 62529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59622
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59621
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62489 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62463
Source: unknown	Network traffic detected: HTTP traffic on port 59622 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62468
Source: unknown	Network traffic detected: HTTP traffic on port 62540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51188
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59598
Source: unknown	Network traffic detected: HTTP traffic on port 62505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62513
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59597
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62514
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51190
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62517
Source: unknown	Network traffic detected: HTTP traffic on port 62557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62518
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51196
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62519
Source: unknown	Network traffic detected: HTTP traffic on port 62528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51193
Source: unknown	Network traffic detected: HTTP traffic on port 62534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59595
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59590
Source: unknown	Network traffic detected: HTTP traffic on port 59604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59592
Source: unknown	Network traffic detected: HTTP traffic on port 59621 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62463 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62480 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62512
Source: unknown	Network traffic detected: HTTP traffic on port 62568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51197
Source: unknown	Network traffic detected: HTTP traffic on port 51195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51198
Source: unknown	Network traffic detected: HTTP traffic on port 59638 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62524
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62525
Source: unknown	Network traffic detected: HTTP traffic on port 59610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62529
Source: unknown	Network traffic detected: HTTP traffic on port 62523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62522
Source: unknown	Network traffic detected: HTTP traffic on port 51180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62523
Source: unknown	Network traffic detected: HTTP traffic on port 62517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51190 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62538
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62539
Source: unknown	Network traffic detected: HTTP traffic on port 62551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62531
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62532
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62534
Source: unknown	Network traffic detected: HTTP traffic on port 51200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62539 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62547
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62548
Source: unknown	Network traffic detected: HTTP traffic on port 51179 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62549
Source: unknown	Network traffic detected: HTTP traffic on port 62556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62540
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62542
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62543
Source: unknown	Network traffic detected: HTTP traffic on port 59609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62544
Source: unknown	Network traffic detected: HTTP traffic on port 62468 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62545

Source: unknown	HTTPS traffic detected: 18.245.60.45:443 -> 192.168.2.16:59595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:59609 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59616 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59617 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59618 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.211.200.223:443 -> 192.168.2.16:59619 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.104.34.11:443 -> 192.168.2.16:59640 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.50.73.9:443 -> 192.168.2.16:62554 version: TLS 1.2

PE file contains executable resources (Code or Archives)

Source: Illustrator_Set-Up.exe	Static PE information: Resource name: DICTIONARY type: DOS executable (COM)
Source: Illustrator_Set-Up.exe	Static PE information: Resource name: JS type: DOS executable (COM)

Uses 32bit PE files

Source: Illustrator_Set-Up.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: classification engine

Classification label: mal48.evad.winEXE@63/93@29/1237

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File created: C:\Users\user\AppData\Roaming\com.adobe.dunamis\f65a88c9-12b3-4201-a633-87cf11b91fa8

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe User OS InfoNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Package Info ()NglSyncRunnable
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Mutant created: NULL
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\{3EBE6875-9C4E-4782-8A43-275AFFFCA6FB}
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Profile InfoNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\WAM.log
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\.ADOBE_WEBVIEW_FLAGS_SERVER.CONFIG
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\17984755fe166b7170b9b5099053521c
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\.CAPABILITY
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)NglAsnpMetaDataContentionLock
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Proxy PasswordNglSyncRunnable
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2332:120:WilError_03
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Proxy UsernameNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\359dca4322b8b4a0f7f92bf448150fb
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)NglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Prefetched Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)NglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\_MSIExecute
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Prefetched Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe User InfoNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Proxy Username
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe User Info

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File created: C:\Users\user\AppData\Local\Temp\CreativeCloud

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File read: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Source: unknown	Process created: C:\Users\user\Desktop\Illustrator_Set-Up.exe "C:\Users\user\Desktop\Illustrator_Set-Up.exe"
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=7040.7120.9505774845487672127
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=7040.7120.5088034441643539806
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x148,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1736 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=1940 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2172 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2384 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099567448 --launch-time-ticks=6947678627 --mojo-platform-channel-handle=3360 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099568622 --launch-time-ticks=6947959127 --mojo-platform-channel-handle=3588 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x148,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2172 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099568622 --launch-time-ticks=6947959127 --mojo-platform-channel-handle=3588 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1736 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=1940 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2384 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099567448 --launch-time-ticks=6947678627 --mojo-platform-channel-handle=3360 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C start chrome "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1980,i,10268802396016225095,5836267171710174831,262144 /prefetch:8
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C start chrome "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1980,i,10268802396016225095,5836267171710174831,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4192 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4628 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2492 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wldp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: amsi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: userenv.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: profapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: msxml3.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: version.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sensapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sensapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: textinputframework.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: coreuicomponents.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: coremessaging.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: propsys.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: edputil.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sspicli.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: version.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kbdus.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wkscli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: omadmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dmcmnutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iri.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dsreg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: textinputframework.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coreuicomponents.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.ui.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windowmanagementapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: inputhost.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: propsys.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wtsapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mscms.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coloradapterclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winsta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iertutil.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: devobj.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dataexchange.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: atlthunk.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: oleacc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: directmanipulation.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: version.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kbdus.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wkscli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: omadmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dmcmnutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iri.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dsreg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: textinputframework.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coreuicomponents.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.ui.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windowmanagementapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: inputhost.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: propsys.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wtsapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winsta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mscms.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coloradapterclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iertutil.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: devobj.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dataexchange.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: atlthunk.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: oleacc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: directmanipulation.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: secur32.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: winhttp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: mswsock.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: winnsi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: webio.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: msasn1.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: winsta.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: gpapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: schannel.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwritecore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: vaultcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: aadwamextension.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: microsoftaccountwamextension.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: tenantrestrictionsplugin.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.web.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netprofm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: npmproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wevtapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncryptprov.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncryptprov.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: bitsproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: vaultcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.web.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: tenantrestrictionsplugin.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netprofm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: npmproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: bitsproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: edputil.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: urlmon.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: iertutil.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: srvcli.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: netutils.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: appresolver.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: bcp47langs.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: slc.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sppc.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wevtapi.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: uxtheme.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.storage.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wldp.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: propsys.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: profapi.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: edputil.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: urlmon.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: iertutil.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: srvcli.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: netutils.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sspicli.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wintypes.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: appresolver.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: bcp47langs.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: slc.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: userenv.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sppc.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: pcacli.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: mpr.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sfc_os.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwritecore.dll

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Links

Source: Illustrator_Set-Up.exe

Static PE information: certificate valid

Source: Illustrator_Set-Up.exe

Static file information: File size 3310464 > 1048576

Source: Illustrator_Set-Up.exe

Static PE information: Raw size of UPX1 is bigger than: 0x100000 < 0x31aa00

Source: Illustrator_Set-Up.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

PE file contains an invalid checksum

Source: Illustrator_Set-Up.exe

Static PE information: real checksum: 0x32c64c should be: 0x32b909

Source: initial sample	Static PE information: section name: UPX0
Source: initial sample	Static PE information: section name: UPX1

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Query firmware table information (likely to detect VMs)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

System information queried: FirmwareTableInformation

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Window / User API: threadDelayed 407
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Window / User API: threadDelayed 1366
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Window / User API: threadDelayed 6092

May sleep (evasive loops) to hinder dynamic analysis

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7724	Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7600	Thread sleep time: -68300s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7612	Thread sleep time: -67000s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7656	Thread sleep time: -120000s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7600	Thread sleep time: -304600s >= -30000s

Queries disk information (often used to detect virtual machines)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File opened: PhysicalDrive0

Queries keyboard layouts

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809

Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\wasm FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\js FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\wasm FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\blob_storage\480ed7d7-fd4e-453e-b79d-02b791d40766 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\blob_storage\598f662b-c588-4bf0-baf1-42c9cdb5f4a4 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Local Storage\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Process information queried: ProcessInformation

Anti Debugging

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	System information queried: CodeIntegrityInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	System information queried: CodeIntegrityInformation

Creates a process in suspended mode (likely to inject code)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x148,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2172 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099568622 --launch-time-ticks=6947959127 --mojo-platform-channel-handle=3588 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1736 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=1940 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2384 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099567448 --launch-time-ticks=6947678627 --mojo-platform-channel-handle=3360 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C start chrome "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Queries information about the installed CPU (vendor, model number etc)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\CreativeCloud\ACC\WAM.log VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States	15169	GOOGLEUS	false
216.58.206.74	unknown	United States	15169	GOOGLEUS	false
142.250.74.206	unknown	United States	15169	GOOGLEUS	false
2.19.126.206	unknown	European Union	16625	AKAMAI-ASUS	false
162.159.61.3	unknown	United States	13335	CLOUDFLARENETUS	false
63.140.62.222	adobe.com.ssl.d1.sc.omtrdc.net	United States	15224	OMNITUREUS	false
23.204.152.142	unknown	United States	20940	AKAMAI-ASN1EU	false
142.250.186.131	unknown	United States	15169	GOOGLEUS	false
204.79.197.239	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
54.83.193.95	unknown	United States	14618	AMAZON-AESUS	false
13.224.189.8	dd20fzx9mj46f.cloudfront.net	United States	16509	AMAZON-02US	false
172.64.41.3	chrome.cloudflare-dns.com	United States	13335	CLOUDFLARENETUS	false
66.102.1.84	unknown	United States	15169	GOOGLEUS	false
3.211.174.17	unknown	United States	14618	AMAZON-AESUS	false
52.210.48.33	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
2.16.168.10	unknown	European Union	20940	AKAMAI-ASN1EU	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
216.58.212.131	unknown	United States	15169	GOOGLEUS	false
13.107.21.239	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
3.248.26.100	unknown	United States	16509	AMAZON-02US	false
172.64.155.179	unknown	United States	13335	CLOUDFLARENETUS	false
18.65.39.31	unknown	United States	3	MIT-GATEWAYSUS	false
34.250.67.152	unknown	United States	16509	AMAZON-02US	false
13.107.42.16	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
54.195.71.107	unknown	United States	16509	AMAZON-02US	false
142.250.185.170	unknown	United States	15169	GOOGLEUS	false
2.19.126.211	unknown	European Union	16625	AKAMAI-ASUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.66.0.163	unknown	United States	13335	CLOUDFLARENETUS	false
13.32.47.160	resources-prod.licensingstack.com	United States	16509	AMAZON-02US	false
142.250.186.142	unknown	United States	15169	GOOGLEUS	false
44.209.177.127	unknown	United States	14618	AMAZON-AESUS	false
23.204.152.170	unknown	United States	20940	AKAMAI-ASN1EU	false
18.245.60.45	d1n897799gitxr.cloudfront.net	United States	16509	AMAZON-02US	false
18.211.200.223	ethos502-prod-va6-k8s-p2-0-7ccfc4a2a823108f.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.2.17
192.168.2.16

Contacted Domains

Name	IP	Active
dd20fzx9mj46f.cloudfront.net	13.224.189.8	true
chrome.cloudflare-dns.com	172.64.41.3	true
adobe.com.ssl.d1.sc.omtrdc.net	63.140.62.222	true
www.google.com	142.250.186.68	true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	52.210.48.33	true
d1n897799gitxr.cloudfront.net	18.245.60.45	true
resources-prod.licensingstack.com	13.32.47.160	true
ethos502-prod-va6-k8s-p2-0-7ccfc4a2a823108f.elb.us-east-1.amazonaws.com	18.211.200.223	true
delegated.adobelogin.com	unknown	unknown
use.typekit.net	unknown	unknown
p.typekit.net	unknown	unknown
ims-na1.adobelogin.com	unknown	unknown
dpm.demdex.net	unknown	unknown
static.adobelogin.com	unknown	unknown

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION Illustrator_Set-Up.exe

Uses 32bit PE files

Source: Illustrator_Set-Up.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: Illustrator_Set-Up.exe

Static PE information: certificate valid

Source: unknown	HTTPS traffic detected: 18.245.60.45:443 -> 192.168.2.16:59595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:59609 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59616 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59617 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59618 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.211.200.223:443 -> 192.168.2.16:59619 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.104.34.11:443 -> 192.168.2.16:59640 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.50.73.9:443 -> 192.168.2.16:62554 version: TLS 1.2

Source: Illustrator_Set-Up.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Local Storage\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\

Source: chrome.exe

Memory has grown: Private usage: 2MB later: 28MB

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:62462 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:59583 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51174 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.21.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.239
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222

Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: delegated.adobelogin.com
Source: global traffic	DNS traffic detected: DNS query: ims-na1.adobelogin.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: use.typekit.net
Source: global traffic	DNS traffic detected: DNS query: static.adobelogin.com
Source: global traffic	DNS traffic detected: DNS query: p.typekit.net

Source: unknown	Network traffic detected: HTTP traffic on port 62567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62538 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62476 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62498 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62475 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown	Network traffic detected: HTTP traffic on port 62549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51176
Source: unknown	Network traffic detected: HTTP traffic on port 59619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62502
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59587
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51180
Source: unknown	Network traffic detected: HTTP traffic on port 59636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62503
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59589
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59588
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62505
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51184
Source: unknown	Network traffic detected: HTTP traffic on port 51215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51185
Source: unknown	Network traffic detected: HTTP traffic on port 51209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51183
Source: unknown	Network traffic detected: HTTP traffic on port 51186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62480
Source: unknown	Network traffic detected: HTTP traffic on port 62519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59629
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59633
Source: unknown	Network traffic detected: HTTP traffic on port 51208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62475
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62476
Source: unknown	Network traffic detected: HTTP traffic on port 62537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62543 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59639
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59638
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59637
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59636
Source: unknown	Network traffic detected: HTTP traffic on port 62554 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59641
Source: unknown	Network traffic detected: HTTP traffic on port 51198 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59640
Source: unknown	Network traffic detected: HTTP traffic on port 62502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62489
Source: unknown	Network traffic detected: HTTP traffic on port 59641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62565 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62498
Source: unknown	Network traffic detected: HTTP traffic on port 59623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62570 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62514 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59597 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59634 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62557
Source: unknown	Network traffic detected: HTTP traffic on port 59611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62558
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62559
Source: unknown	Network traffic detected: HTTP traffic on port 62553 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62524 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62550
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62551
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62552
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62553
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62554
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62555
Source: unknown	Network traffic detected: HTTP traffic on port 59640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62556
Source: unknown	Network traffic detected: HTTP traffic on port 51191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59589 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62570
Source: unknown	Network traffic detected: HTTP traffic on port 59595 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62569
Source: unknown	Network traffic detected: HTTP traffic on port 51207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62560
Source: unknown	Network traffic detected: HTTP traffic on port 51184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62562
Source: unknown	Network traffic detected: HTTP traffic on port 62558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62563
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62564
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62565
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62567
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51207
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59609
Source: unknown	Network traffic detected: HTTP traffic on port 62546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62571 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51209
Source: unknown	Network traffic detected: HTTP traffic on port 59590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59608
Source: unknown	Network traffic detected: HTTP traffic on port 62513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59607
Source: unknown	Network traffic detected: HTTP traffic on port 59639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62569 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51204
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59604
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51201
Source: unknown	Network traffic detected: HTTP traffic on port 59616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59611
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59610
Source: unknown	Network traffic detected: HTTP traffic on port 51178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62571
Source: unknown	Network traffic detected: HTTP traffic on port 51189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59617
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59619
Source: unknown	Network traffic detected: HTTP traffic on port 51197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59618
Source: unknown	Network traffic detected: HTTP traffic on port 59633 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59612
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59620
Source: unknown	Network traffic detected: HTTP traffic on port 62529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59622
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59621
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62489 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62463
Source: unknown	Network traffic detected: HTTP traffic on port 59622 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62468
Source: unknown	Network traffic detected: HTTP traffic on port 62540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51188
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59598
Source: unknown	Network traffic detected: HTTP traffic on port 62505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62513
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59597
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62514
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51190
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62517
Source: unknown	Network traffic detected: HTTP traffic on port 62557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62518
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51196
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62519
Source: unknown	Network traffic detected: HTTP traffic on port 62528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51193
Source: unknown	Network traffic detected: HTTP traffic on port 62534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59595
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59590
Source: unknown	Network traffic detected: HTTP traffic on port 59604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59592
Source: unknown	Network traffic detected: HTTP traffic on port 59621 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62463 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62480 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62512
Source: unknown	Network traffic detected: HTTP traffic on port 62568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51197
Source: unknown	Network traffic detected: HTTP traffic on port 51195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51198
Source: unknown	Network traffic detected: HTTP traffic on port 59638 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62524
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62525
Source: unknown	Network traffic detected: HTTP traffic on port 59610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62529
Source: unknown	Network traffic detected: HTTP traffic on port 62523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62522
Source: unknown	Network traffic detected: HTTP traffic on port 51180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62523
Source: unknown	Network traffic detected: HTTP traffic on port 62517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51190 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62537
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62538
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62539
Source: unknown	Network traffic detected: HTTP traffic on port 62551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62531
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62532
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62534
Source: unknown	Network traffic detected: HTTP traffic on port 51200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62539 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62547
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62548
Source: unknown	Network traffic detected: HTTP traffic on port 51179 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62549
Source: unknown	Network traffic detected: HTTP traffic on port 62556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62540
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62542
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62543
Source: unknown	Network traffic detected: HTTP traffic on port 59609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62544
Source: unknown	Network traffic detected: HTTP traffic on port 62468 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62545

Source: unknown	HTTPS traffic detected: 18.245.60.45:443 -> 192.168.2.16:59595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:59609 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:59611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59616 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59617 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.32.47.160:443 -> 192.168.2.16:59618 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 18.211.200.223:443 -> 192.168.2.16:59619 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.104.34.11:443 -> 192.168.2.16:59640 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.50.73.9:443 -> 192.168.2.16:62554 version: TLS 1.2

PE file contains executable resources (Code or Archives)

Source: Illustrator_Set-Up.exe	Static PE information: Resource name: DICTIONARY type: DOS executable (COM)
Source: Illustrator_Set-Up.exe	Static PE information: Resource name: JS type: DOS executable (COM)

Uses 32bit PE files

Source: Illustrator_Set-Up.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: classification engine

Classification label: mal48.evad.winEXE@63/93@29/1237

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File created: C:\Users\user\AppData\Roaming\com.adobe.dunamis\f65a88c9-12b3-4201-a633-87cf11b91fa8

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe User OS InfoNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Package Info ()NglSyncRunnable
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Mutant created: NULL
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\{3EBE6875-9C4E-4782-8A43-275AFFFCA6FB}
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Profile InfoNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\WAM.log
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\.ADOBE_WEBVIEW_FLAGS_SERVER.CONFIG
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\17984755fe166b7170b9b5099053521c
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\.CAPABILITY
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)NglAsnpMetaDataContentionLock
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Proxy PasswordNglSyncRunnable
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2332:120:WilError_03
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Proxy UsernameNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\359dca4322b8b4a0f7f92bf448150fb
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)NglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Prefetched Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)NglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\_MSIExecute
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe App Prefetched Info (Q3JlYXRpdmVDbG91ZEluc3RhbGxlcjF7fTIwMTgwNzIwMDE)
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe User InfoNglSyncRunnable
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe Proxy Username
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Mutant created: \Sessions\1\BaseNamedObjects\Adobe User Info

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File created: C:\Users\user\AppData\Local\Temp\CreativeCloud

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File read: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Source: unknown	Process created: C:\Users\user\Desktop\Illustrator_Set-Up.exe "C:\Users\user\Desktop\Illustrator_Set-Up.exe"
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=7040.7120.9505774845487672127
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=7040.7120.5088034441643539806
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x148,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1736 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=1940 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2172 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2384 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099567448 --launch-time-ticks=6947678627 --mojo-platform-channel-handle=3360 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099568622 --launch-time-ticks=6947959127 --mojo-platform-channel-handle=3588 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x148,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2172 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099568622 --launch-time-ticks=6947959127 --mojo-platform-channel-handle=3588 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1736 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=1940 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2384 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099567448 --launch-time-ticks=6947678627 --mojo-platform-channel-handle=3360 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C start chrome "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1980,i,10268802396016225095,5836267171710174831,262144 /prefetch:8
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C start chrome "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1980,i,10268802396016225095,5836267171710174831,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4192 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4628 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2492 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wldp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: amsi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: userenv.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: profapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: msxml3.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: version.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sensapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sensapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: explorerframe.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: textinputframework.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: coreuicomponents.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: coremessaging.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: propsys.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: edputil.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sspicli.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: version.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kbdus.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wkscli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: omadmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dmcmnutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iri.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dsreg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: textinputframework.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coreuicomponents.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.ui.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windowmanagementapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: inputhost.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: propsys.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wtsapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mscms.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coloradapterclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winsta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iertutil.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: devobj.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dataexchange.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: atlthunk.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: oleacc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: directmanipulation.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: version.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kbdus.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wkscli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: omadmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dmcmnutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iri.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dsreg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: textinputframework.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coreuicomponents.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coremessaging.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.ui.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windowmanagementapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: inputhost.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: propsys.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wtsapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winsta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mscms.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: coloradapterclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iertutil.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: devobj.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dataexchange.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mf.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfplat.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rtworkq.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dolbydecmft.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mfperfhelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: atlthunk.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: oleacc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: directmanipulation.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: d3d10warp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dxcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: secur32.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: winhttp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: mswsock.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: winnsi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: webio.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: msasn1.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: winsta.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: gpapi.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: schannel.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwritecore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: vaultcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: aadwamextension.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: microsoftaccountwamextension.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: tenantrestrictionsplugin.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.web.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netprofm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: npmproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wevtapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncryptprov.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: nlaapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: ncryptprov.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: bitsproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: vaultcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.web.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: hevcdecoder.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: tenantrestrictionsplugin.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: netprofm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: npmproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: bitsproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: edputil.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: urlmon.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: iertutil.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: srvcli.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: netutils.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: appresolver.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: bcp47langs.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: slc.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: sppc.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: wevtapi.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: uxtheme.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.storage.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wldp.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: propsys.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: profapi.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: edputil.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: urlmon.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: iertutil.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: srvcli.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: netutils.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sspicli.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wintypes.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: appresolver.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: bcp47langs.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: slc.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: userenv.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sppc.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: pcacli.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: mpr.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sfc_os.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Section loaded: dwritecore.dll

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Links

Source: Illustrator_Set-Up.exe

Static PE information: certificate valid

Source: Illustrator_Set-Up.exe

Static file information: File size 3310464 > 1048576

Source: Illustrator_Set-Up.exe

Static PE information: Raw size of UPX1 is bigger than: 0x100000 < 0x31aa00

Source: Illustrator_Set-Up.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

PE file contains an invalid checksum

Source: Illustrator_Set-Up.exe

Static PE information: real checksum: 0x32c64c should be: 0x32b909

Source: initial sample	Static PE information: section name: UPX0
Source: initial sample	Static PE information: section name: UPX1

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Query firmware table information (likely to detect VMs)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

System information queried: FirmwareTableInformation

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Window / User API: threadDelayed 407
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Window / User API: threadDelayed 1366
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Window / User API: threadDelayed 6092

May sleep (evasive loops) to hinder dynamic analysis

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7724	Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7600	Thread sleep time: -68300s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7612	Thread sleep time: -67000s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7656	Thread sleep time: -120000s >= -30000s
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe TID: 7600	Thread sleep time: -304600s >= -30000s

Queries disk information (often used to detect virtual machines)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

File opened: PhysicalDrive0

Queries keyboard layouts

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809

Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\wasm FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\js FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\wasm FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\blob_storage\480ed7d7-fd4e-453e-b79d-02b791d40766 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\blob_storage\598f662b-c588-4bf0-baf1-42c9cdb5f4a4 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File Volume queried: unknown FullSizeInformation

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Local Storage\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Process information queried: ProcessInformation

Anti Debugging

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	System information queried: CodeIntegrityInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	System information queried: CodeIntegrityInformation

Creates a process in suspended mode (likely to inject code)

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x148,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2172 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2516 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099568622 --launch-time-ticks=6947959127 --mojo-platform-channel-handle=3588 --field-trial-handle=1760,i,16445282264447873189,8404669123654048013,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7fff281a8e88,0x7fff281a8e98,0x7fff281a8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1736 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=1940 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2384 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView" --webview-exe-name=Illustrator_Set-Up.exe --webview-exe-version=2.13.0.14 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1728410099567448 --launch-time-ticks=6947678627 --mojo-platform-channel-handle=3360 --field-trial-handle=1740,i,8942737126626954924,10366560964277174099,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C start chrome "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ims-na1.adobelogin.com/ims/authorize?client_id=CreativeCloudInstallerWeb_v1_0&scope=allow_ac_dt_exchange%2Copenid%2CAdobeID%2Ccreative_cloud%2Ccreative_sdk%2Cread_organizations%2Csao.cce_private%2Cadditional_info.account_type&locale=en_US&redirect_uri=https%3A%2F%2Fauth.services.adobe.com%2Fen_US%2Fdeeplink.html%3Fdelegated_request_id%3D1641cfdd-1f35-4668-a023-46b1b40119fb%26client_id%3DCreativeCloudInstallerWeb_v1_0%26deeplink%3Ddelegation&ctx_id=WAM1_ILST_24"
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Process created: unknown unknown

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Queries information about the installed CPU (vendor, model number etc)

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Queries the volume information (name, serial number etc) of a device

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\CreativeCloud\ACC\WAM.log VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Source: C:\Users\user\Desktop\Illustrator_Set-Up.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION

ID:	1529343
Product:	CloudBasic
Start time:	21:50:12
Start date:	08.10.2024
Sample:	Illustrator_Set-Up.exe
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	72b180dbff325139bf4b1e24f935b9c1
SHA1:	185aade4b3521bf6fe04231130e097532406a51b
SHA256:	283672e422288d90838d3a0bdcd0a6cf56cc506b8ccd4fdb2c68b3ca9d3bc3f3
Filetype:	Win32 Executable (generic) a (10002005/4) 99.39%

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Adobe\OOBE\temp_lbs_wid	ASCII text, with no line terminators	61837070C7FE61E18DA9910D680186CD	3C102EE9BD1EF81E9622C31FFACEC0373F12D53C	FE2DB7FDFC20008F7178ED25D5478F7A71A0FF757008A4533551656CD277A13E
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\141b9973-91da-4462-8d3f-2fe2168db201.tmp	JSON data	14053974C3CE0076AE160FF221152BDA	B0111D97ED38220C9E4AD0EF507D3CE0597EEFD3	A2C6C817C62E8D50CA615370DDD1BBA914385BD4E298A6AE4784D7BEDDAC8077
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\2041bd65-a883-4275-a7a7-3301c4fcce6d.tmp	JSON data	5C07F68B071EF1E6FAF5D6BCC2B0FCE0	83520BF50738B493FBB003B7A3D71D55179FD20C	F63EF6E5385F8C195A9B088C4BA37E5EBC99EB18021F568482C3966E71D38E3D
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\2cd6b875-c1d6-46aa-8b11-e83a234fa3ae.tmp	JSON data	2DE92F7C8B897FFA4EFAC8E67F07576A	0BBFC889A629A6CE419BF9D856AF4B1CA32B6798	CB5EEE1C3001B290C575836CF043FD071BD492242FE3C0F8432F1DEBD681F6B9
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\4ec1422a-c8a0-45d1-bca3-6f3e76fed3a1.tmp	JSON data	CBFE7D5A9AF9A12341AACF44EEE0418A	7280A9D71A4C6744DAD429122173138BEDF182BF	6B5BE087B257F14A180F2C5EB6F95A65C65A6D850B266D56BB80D2B2E8E6E8C8
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\76ef41f6-f7c6-4fd2-b640-e6f299a7adfd.tmp	JSON data	B11D00AF454EBB1B36F9E8CEB9490D8F	BB697EF39ED159D945E680C98600E8661DAA8A55	842C9D2397F762DE39384917F0E9CCA67DBBBC53E81E04E151483EA2E927F876
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad\settings.dat	data	005FC55400EE5F6F475777ADA75AC21C	3801096D5C4535EF7D1076F44B645066486F2836	37B567659E4A0CEFD4B9BDCF966882BA9259CE682DB50092EDEDF404D1B3437E
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad\throttle_store.dat	ASCII text	9E4E94633B73F4A7680240A0FFD6CD2C	E68E02453CE22736169A56FDB59043D33668368F	41C91A9C93D76295746A149DCE7EBB3B9EE2CB551D84365FFF108E59A61CC304
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\1f259d8e-bb15-478c-9302-013197a5a8a8.tmp	JSON data	0169375DBAB51834068675D46ADF498F	5F58B31E08E407586A582C7E6DB5797D24602CF7	ACAFD0DCDCD55422DC812962DA864F92A3BB93B442741C0057F260803F858743
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\4a84e4e1-2f93-4bb1-9335-abe2f3e4fab0.tmp	JSON data	8E3D23C39DD98A0C467AB9F4BB67C19F	52849EC328CAF8AF46400839462BDB05D94C8531	8F6EBA56539C3F2763B6CB73F6E73F371BE35EA654BD8FA3FD6B4C7DF4F630F4
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\80f6a3fc-4d38-4111-bf02-7d1d71015eed.tmp	JSON data	1E5C25C001EC66FCEB606EF13508EDAD	6763345720A8C7E9531A44966C07BE7484BE633E	D0EE05D1B875003BF594E7857A0F54034AD2BBBEB15AEF67B7793B20059EBD54
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\986fd3f9-a23d-468f-a62a-ff5ad51e8e1f.tmp	JSON data	5BA007B8C0D0467A90383CBE735145A9	698E13CE25C7BDDC0F48AE74D24C29A266883B8D	E6F8A759A2869A95D8D6BEEC402FD3E1ADAF20D817FD2BC9C633CABB7B8FCF53
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data\f_000001	ASCII text, with very long lines (57092), with no line terminators	17320ABC99C150DB7F5A586F603DE034	4D00724B77910118EB172AC3828ED8E4C62DA8ED	A58236B77C721D4BAB1FEEC6CDB7D5AA3522CB13B5DCF03934EFED26BE501200
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data\f_000002	ASCII text, with very long lines (65536), with no line terminators	4EF09D687997A94D0705C86840412212	31CB05ABE27437942CD4F71709C54AB531546A45	E709ECBDC7E0746F01747B45EC43902005367AC485CB154A7C37BC50E2EB0DE8
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	A0A9919267659876894D087F6183F1A8	C680630E9A4840FCDFBB7FAB1DCD9876AADE4F14	4188AB8644A14245346F3FAA0600737C7D90A166F02A34ACCDF43E93EA47FF99
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\js\index-dir\temp-index	data	449383430F9F1CAC85A8609B216DEFB1	D3F524B089E02D6E1213C7859EE11628A5F7A2E2	41C5C32C8E04983A84BD2F08BB92F096B28616549DB1F19093777FE98815207C
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index (copy)	data	449383430F9F1CAC85A8609B216DEFB1	D3F524B089E02D6E1213C7859EE11628A5F7A2E2	41C5C32C8E04983A84BD2F08BB92F096B28616549DB1F19093777FE98815207C
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\wasm\index-dir\temp-index	data	4BF2E9A5D48B2F5CFD9DF953BD22E2C8	E77B335B0734A631AA184A457B6673A232F30A81	0BB02CE515ABEFA8E485117AD1711C7476E3A340D915A2D13C5601C87F06CB0F
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index (copy)	data	4BF2E9A5D48B2F5CFD9DF953BD22E2C8	E77B335B0734A631AA184A457B6673A232F30A81	0BB02CE515ABEFA8E485117AD1711C7476E3A340D915A2D13C5601C87F06CB0F
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\DawnCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	CEB35031290D13AA2A26DE5B0D04207F	E1C0E49F74526BEAC1A9754F5C31C848A0F708AD	94ABED2CE0DDA51D79FBA87535FC6171A6DEDACBF3D7C68286F6E7CEB061B6B6
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\GPUCache\data_3	data	41876349CB12D6DB992F1309F22DF3F0	5CF26B3420FC0302CD0A71E8D029739B8765BE27	E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\GPUCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	CB429382006DB5DC1A8FA84665D3595B	2526BFDD97E8D692E7FBA86AD33CCEBC92CDA386	5D26A9DFD7397F797C6D4E4ABA48D8D0FB839AA81D23F358CAA478A9FDB62617
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\550bd4bc-99e2-4e97-a5f6-5131c65bed92.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\SCT Auditing Pending Reports (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\SCT Auditing Pending Reports~RF6a0442.TMP (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\Sdch Dictionaries (copy)	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\efc4ef72-ea8b-4c3d-90b2-58d25f2331d5.tmp	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences (copy)	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6a57e0.TMP (copy)	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6a7f0f.TMP (copy)	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6b141c.TMP (copy)	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6b40c9.TMP (copy)	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6b793e.TMP (copy)	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\PreferredApps	JSON data	2B432FEF211C69C745ACA86DE4F8E4AB	4B92DA8D4C0188CF2409500ADCD2200444A82FCC	42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\README	ASCII text, with no line terminators	643E00B0186AA80523F8A6BED550A925	EC4056125D6F1A8890FFE01BFFC973C2F6ABD115	A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Secure Preferences (copy)	JSON data	8E3D23C39DD98A0C467AB9F4BB67C19F	52849EC328CAF8AF46400839462BDB05D94C8531	8F6EBA56539C3F2763B6CB73F6E73F371BE35EA654BD8FA3FD6B4C7DF4F630F4
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\a57c2cb2-473e-4cc4-b55a-d41531592dce.tmp	JSON data	780BF4AD37A30E13481DCEBFFFB676C1	5830800AB3F9768195D275552407A2E1647A8696	ED48C68B21C5E5F6DED30EE0ADDD9C7C26D394C1ECE4762FC03475F6F14D7ED2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\d0e92c75-2c37-4ee8-aaec-bc07e3ae937f.tmp	JSON data	760E478B2DD55E81FD6B08F2FE3BD34B	A77CC7FFFBE536192B49F93E8A1DDECE5CC8B385	FA54151F1ED8049BF46F367439A11A3B20FCE6F89CBC0454D17F97EBF4BDC992
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\f7e90a46-53c2-4ccc-a33e-a1bd7d3ca4e9.tmp	JSON data	D2FE61DFCE248A326A9C14F983EC17D0	5E099BD898E382134188E39C49A8C1F7C83B1009	4C815655672E5935EC20EB8D21B7837BB6F591745EF1C3E88628CBB69C488000
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\GrShaderCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	C403C6BCCA4C724D17EDC49D1928E1CA	E30AFEE9818EC90106A65476D60369747493B2F8	32C4DE1F17953459EC45FD3204C598EFB7680D25722C63858B7901C17D28F62F
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\GraphiteDawnCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	9C34968575B5A14F953717E0264D75BC	24A60A04FE490276B1F2E578091468C4A5F5B43F	6313857515C8AB3C0CCAB6B3A474407E4D38BC1E3D316D0B0DC03823862B81A2
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Last Version	ASCII text, with no line terminators	BF16C04B916ACE92DB941EBB1AF3CB18	FA8DAEAE881F91F61EE0EE21BE5156255429AA8A	7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a00f6.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a01a2.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a2825.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a57f0.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6b1228.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6b4ed3.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6b793e.TMP (copy)	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\ShaderCache\data_0	FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0	CF89D16BB9107C631DAABF0C0EE58EFB	3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B	D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\ShaderCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	FE7FBA31A3B66C447DB58871E53C2311	FB33EF617841A56054C451E240D7130936781A45	DDBED29E681D071DCCBD504342FF22955F88E948B6282A1A6326558EE2DBEF96
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\customSynchronousLookupUris	ASCII text, with no line terminators	7BAAFE811F480ACFCCCEE0D744355C79	24B89AE82313084BB8BBEB9AD98A550F41DF7B27	D5743766AF0312C7B7728219FC24A03A4FB1C2A54A506F337953FBC2C1B847C7
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\edgeSettings	ASCII text, with no line terminators	5692162977B015E31D5F35F50EFAB9CF	705DC80E8B32AC8B68F7E13CF8A75DCCB251ED7D	42CCB5159B168DBE5D5DDF026E5F7ED3DBF50873CFE47C7C3EF0677BB07B90D4
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\edgeSettings_2.0-0	JSON data	BDE38FAE28EC415384B8CFE052306D6C	3019740AF622B58D573C00BF5C98DD77F3FBB5CD	1F4542614473AE103A5EE3DEEEC61D033A40271CFF891AAA6797534E4DBB4D20
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\synchronousLookupUris	ASCII text, with no line terminators	3F90757B200B52DCF5FDAC696EFD3D60	569A2E1BED9ECCDF7CD03E270AEF2BD7FF9B0E77	1EE63F0A3502CFB7DF195FABBA41A7805008AB2CCCDAEB9AF990409D163D60C8
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2	data	0E06E28C3536360DE3486B1A9E5195E8	EB768267F34EC16A6CCD1966DCA4C3C2870268AB	F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Variations	JSON data	961E3604F228B0D10541EBF921500C86	6E00570D9F78D9CFEBE67D4DA5EFE546543949A7	F7B24F2EB3D5EB0550527490395D2F61C3D2FE74BB9CB345197DAD81B58B5FED
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\d404cd23-ba60-4b87-bee7-d57986aa708f.tmp	JSON data	20DBA56A64E6617DEC49C813A25D4469	C11373EDF49A07AA848D3B25D504E32A236AA72B	DAF9666F5781663FDAB7A86631E1EB6104B0E961FFE5440064A91C6CBD246A50
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\de0a670d-e034-4264-8bee-7869f309a98e.tmp	JSON data	7330E668574564697E4B6BA6F6FA5023	66CAEE4FD929BD7157B52524F457F9BDA1B18370	67B55738B571EB837F59C04C371E38B058AE5F6B24C44F57C8E2EF2874A72727
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\e25bacce-aa7b-4184-937e-f1838097d004.tmp	JSON data	78B411BD452893D68E683D4BDA5E0021	A5013FC5FE842B9CAA36584C50F3A337369DE80D	EAED9DFAB770FB61B2544204DACFA8746CD52B2EF536E8B15D16E209F20EA672
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres	data	055C9929ED6A1B65F5B616E59FDD2227	CB037E0EDBBC94612720B6798038ED020378E19A	74E7307FC8FE7D50541BE273202F579E4B6730C7E8859152B7FAB7C867D6CDD3
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres	data	964BE20915CE853508DC3DF469256985	0F9498AF943A19AE457003FA750C7C3B5C59FE9E	64859AA15C16420BD35C159A711FE9FEAC5F93A148BE5578FC2E8A1B19D4AC2E
C:\Users\user\AppData\Local\Temp\CreativeCloud\ACC\WAM.log	Unicode text, UTF-16, little-endian text, with no line terminators	F3B25701FE362EC84616A93A45CE9998	D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB	B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
C:\Users\user\AppData\Local\Temp\NGL\NGLClient_CreativeCloudInstaller1.ngllogcontrolconfig	JSON data	06E127BB2A9B7DF80B64FB2599EAC750	FFAC03CAF707CCA61F5179737428FCE9CAB894EA	B3208276FED72CBD60E58DC2472CA329F1E9683C13086A785FEE0654A272977B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\CCDInstaller.js	Unicode text, UTF-8 text, with very long lines (62606)	4B02242ED1B6281DB19B4F60C127CC5D	69EA4924A273DBB03F31D3C7D6D2CFD2270CAD1C	9FBF9FF720E09C16DA2066B8BAB9879A4C83682F687EBE806C5EA78E1EB9467B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\0420e3da-ac8d-4097-9b0e-00b5a7b8b6a5.tmp	JSON data	EDBDE7C96BEF81D2A810DF064607625C	FAA5AD245E174B1406940C52B364DB27E3DFBB08	4FFB91CB89D4446E1DE60CE77E3F2E3ED98842D59F0AAF56283EB2014D93D038
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\05c10eec-9657-4b7f-ad76-bd267b2337c8.tmp	JSON data	E700E2C81C6C07A476C4709673C90F04	90E9841BFF129A2E3A8CD04716B1762CBABEE419	3896FA66B2B9C676D07714DB839D27D160A9FFA390E0ADA2B2AC76A74FAE2F3C
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\36ad1837-4994-4484-a199-4800a77badf2.tmp	JSON data	B01840AF13D318C1F8341D8AB394F121	DCA1B72821872F9ABE3771213D9640539ECFC644	6B9A42DA5FA730DC910721AFDE0796F315B04D2A7116F4D2BD941B275175EE27
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\4248b3c5-b94b-415d-9aed-55bd69a3c5d3.tmp	JSON data	FE11FB1B327AAE0FE0F2033597E63F6B	5A77945CE37A612EB090AA23F377158E91118C51	620636D183A2C50949D1A24AD712CB24CC533DF6D88A36803559C0B35AB31C37
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\767d559c-94df-43d9-822f-25a19a33be54.tmp	JSON data	99FAE4C1D160744C43C177E103F07D52	5D9F9C5A5ACB4E6F4C9788FE305741CFE37A3D70	DD18EABD6B0C1AD0B1E97591CF3C0A5D7100A4370E7F7466DA61F716BCD9123B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\BrowserMetrics-spare.pma (copy)	data	1045BFD216AE1AE480DD0EF626F5FF39	377E869BC123602E9B568816B76BE600ED03DBD0	439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\BrowserMetrics-spare.pma.tmp	data	1045BFD216AE1AE480DD0EF626F5FF39	377E869BC123602E9B568816B76BE600ED03DBD0	439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad\settings.dat	data	B75B8F092BF75A118A6437B2BB36B6A6	7723FC2F7555205F287282F242ADC92058AD41A0	8942C2FEB5325CDF84BA1E187F851E277A7D99257DE1AE61582FAB741803EEA6
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\09e364b8-a917-4342-a689-e21cf1f74d7f.tmp	JSON data	85598C40B9A4754C4671DCAFD59C20D7	D48A4604DB7E4784FEE903E788A223F22869FF0C	8C17CF220FE66343A5D0581BF7C6FE0619BE312CDCD9C5C68D07628D338A6885
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\266bb6ef-d0d1-4fc4-a2b0-02bcd23f5281.tmp	JSON data	A44DB13449CFB995D9CD435EB14609F4	0FAF2EE2F7F2912FC5357AB524EFCD47BA31ADD3	FC9ECA092AC51180A5F92E05501ADC99285FCE1DC6E0F73619D50A20AA184503
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\4991b022-2601-40e8-9d82-a00fbdad9328.tmp	JSON data	837AB2BDEB5988E9A6CA1B114936BDD5	DF75B1280EA8AE312C484DD260454F00936FDFCE	9CA26C213D7432AFFF38ACA35C9539A2F715D48F1C1664668892DD4551790A8E
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000001	ASCII text, with very long lines (15202)	720529043EC027D2768EF7CDE3EEAD0C	EBE0628E214BA3FFC4C8DA463035B7C87FC1E695	5788217AF30E06EBC039553CA37F5B059EBD0D5A248FF33F0822EE600C48A3ED
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000003	Web Open Font Format (Version 2), CFF, length 29924, version 1.0	FCFE600FE9BF0239A8C3CD48738EC2DA	C735EDEB5AC056F41E063A46B2F508057C9DBDAB	62517736E6872FB13CE951C67D689DEF5F6AC4AC222299BFE1E37AC5F05C37AD
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000004	Web Open Font Format (Version 2), CFF, length 29752, version 1.0	B45F7B0B58EA5CD543323A5E4BA4724B	03E815A2FA7461F31FC8ECC18A7063930FC87475	9ABA873D54C84D8D56CFE572AB802BB34322DE6FD945C286D278FABE29A9F3F0
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000005	Web Open Font Format (Version 2), CFF, length 29980, version 1.0	864FC6D95444FD085441968A712F6C9F	7E54F060DF28A16E146AB1EB15AB3A59D3D9BE06	371F06319FA71DE555AEBEFCFFBE3C1F755E5761D90AACD9BBA0C64C6CF40090
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	486AB1970A28772C095F9294C9FE2E72	A78AAB7B5C8AC1E50F4D841D95076F00E033867D	978A0BADBD0BF3AC8C4779AA9D61CD025F453579A20946CB39318D01555C7DD9
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\98de40acdbe972e7_0	data	09DCE0A9C4FF53DB8E5BF5E01B951450	4F71F548427BD1749CEE1EC86E51E738A1E93415	C36EAAFB48D228830B25EC2CC508A371A0DEE82686A5E8C3FA87C27410B67586
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index	data	54CB446F628B2EA4A5BCE5769910512E	C27CA848427FE87F5CF4D0E0E3CD57151B0D820D	FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index-dir\temp-index	data	AF76125FE2C03A8E66CE2107D9DFDC4B	361A56E2262709452A0C6F600B4DD7907BFC08FA	5A29E684A9D59C11CAD093F4E53355826DD90AB665FE13598878CBB35494FFEA
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index-dir\the-real-index (copy)	data	7E233191C1CB25C5A35C7C89FBDEC9E6	6E3F35F91AD09ED06E2129DA2FC1FF5710938BDD	6D5E12B1AE7ADB366E3500EE1C1054F14F417CD56D73892B7DF24B0A9431E5A4
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RF6ba0db.TMP (copy)	data	7E233191C1CB25C5A35C7C89FBDEC9E6	6E3F35F91AD09ED06E2129DA2FC1FF5710938BDD	6D5E12B1AE7ADB366E3500EE1C1054F14F417CD56D73892B7DF24B0A9431E5A4
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\wasm\index-dir\temp-index	data	189A79C145E650D976394ECEE87EE856	5711D6604187B432DEC56597B32D1DBA9BD85E19	3ACE38AB893089DE9C9F6E21C4EA35482EF8FA31BF49696C7826125DA77BE19B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index (copy)	data	189A79C145E650D976394ECEE87EE856	5711D6604187B432DEC56597B32D1DBA9BD85E19	3ACE38AB893089DE9C9F6E21C4EA35482EF8FA31BF49696C7826125DA77BE19B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\DawnCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	C9E447D76D3EC8E26B1A2F7F23EFE4BF	7F0E420F37EE597C18E5A2E180024DDB8D736B36	51C609AA83C9943B02D09C8538E1AAB282F2D1ACDD2608904CBAFC076CF26890
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\GPUCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	77094C96DB3E4240AF3543AB5EE0DF0F	2033847A0025CA621AFAAE5E802E1B8D8C2755D5	C7E83B9CD914D582C1C94F9D6341C6AD929B88FB9A919AE3617DD973245965DC
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Local Storage\leveldb\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Local Storage\leveldb\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\45b4c161-6cd9-43c2-8be9-aa505560615d.tmp	JSON data	285252A2F6327D41EAB203DC2F402C67	ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6	5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\8c2ee87c-8d8a-43a5-b72c-2b8c29b6d50b.tmp	JSON data	2800881C775077E1C4B6E06BF4676DE4	2873631068C8B3B9495638C865915BE822442C8B	226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\Network Persistent State (copy)	JSON data	2800881C775077E1C4B6E06BF4676DE4	2873631068C8B3B9495638C865915BE822442C8B	226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\Network Persistent State~RF6b2d80.TMP (copy)	JSON data	2800881C775077E1C4B6E06BF4676DE4	2873631068C8B3B9495638C865915BE822442C8B	226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences (copy)	JSON data	4983C1136B5097F6B32B25EDEFD419E6	5D5566A86EE05A8DAFEEF4383C2A61E43A93172C	F59B9D4FD46BE6F3DE632D9FC2EF3A5E401F8EC6686E2D1614B43C7428B97907
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences~RF6a9eec.TMP (copy)	JSON data	4983C1136B5097F6B32B25EDEFD419E6	5D5566A86EE05A8DAFEEF4383C2A61E43A93172C	F59B9D4FD46BE6F3DE632D9FC2EF3A5E401F8EC6686E2D1614B43C7428B97907
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences~RF6b1295.TMP (copy)	JSON data	4983C1136B5097F6B32B25EDEFD419E6	5D5566A86EE05A8DAFEEF4383C2A61E43A93172C	F59B9D4FD46BE6F3DE632D9FC2EF3A5E401F8EC6686E2D1614B43C7428B97907
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences~RF6b8a17.TMP (copy)	JSON data	4983C1136B5097F6B32B25EDEFD419E6	5D5566A86EE05A8DAFEEF4383C2A61E43A93172C	F59B9D4FD46BE6F3DE632D9FC2EF3A5E401F8EC6686E2D1614B43C7428B97907
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Secure Preferences (copy)	JSON data	85598C40B9A4754C4671DCAFD59C20D7	D48A4604DB7E4784FEE903E788A223F22869FF0C	8C17CF220FE66343A5D0581BF7C6FE0619BE312CDCD9C5C68D07628D338A6885
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Site Characteristics Database\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\d85f7358-12e5-4f76-b890-a0a2796402f9.tmp	JSON data	82B17E1AC2CFC53EBC6D29A7D62054A2	B25B4CB4E170AA7D12E37104F0A1C8BF8A3A699F	53137584A1E798AA05FAB81CAB4FD858FB4A8BE3EA061FCD46B295858C217A2E
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\dd00d9d0-9b79-40f5-9bca-d86c73d88501.tmp	JSON data	4983C1136B5097F6B32B25EDEFD419E6	5D5566A86EE05A8DAFEEF4383C2A61E43A93172C	F59B9D4FD46BE6F3DE632D9FC2EF3A5E401F8EC6686E2D1614B43C7428B97907
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\GrShaderCache\data_1	data	259E7ED5FB3C6C90533B963DA5B2FC1B	DF90EABDA434CA50828ABB039B4F80B7F051EC77	35BB2F189C643DCF52ECF037603D104035ECDC490BF059B7736E58EF7D821A09
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\GrShaderCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	7317B71D3A5E607100ECB58154BAB25F	55EB66FAFDCF9E8A800C126BA36BD7AC4354111C	2FD54DA3BB2D8CA7F98B891711063FFAAC80E99DC41933B81D26E5CC419CBEC5
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\GraphiteDawnCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	49566272630ABA9A531F5BFD03BF9FE2	F468C523D4E96BA572DCE69C41BDC95BACCFB4AA	A5A563C64F5A6E378079EA616037FAA8AB3593AE453CEFD319FA03E4BBB5B124
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State (copy)	JSON data	99FAE4C1D160744C43C177E103F07D52	5D9F9C5A5ACB4E6F4C9788FE305741CFE37A3D70	DD18EABD6B0C1AD0B1E97591CF3C0A5D7100A4370E7F7466DA61F716BCD9123B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6a0144.TMP (copy)	JSON data	99FAE4C1D160744C43C177E103F07D52	5D9F9C5A5ACB4E6F4C9788FE305741CFE37A3D70	DD18EABD6B0C1AD0B1E97591CF3C0A5D7100A4370E7F7466DA61F716BCD9123B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6a0192.TMP (copy)	JSON data	99FAE4C1D160744C43C177E103F07D52	5D9F9C5A5ACB4E6F4C9788FE305741CFE37A3D70	DD18EABD6B0C1AD0B1E97591CF3C0A5D7100A4370E7F7466DA61F716BCD9123B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6a2825.TMP (copy)	JSON data	99FAE4C1D160744C43C177E103F07D52	5D9F9C5A5ACB4E6F4C9788FE305741CFE37A3D70	DD18EABD6B0C1AD0B1E97591CF3C0A5D7100A4370E7F7466DA61F716BCD9123B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6b1228.TMP (copy)	JSON data	99FAE4C1D160744C43C177E103F07D52	5D9F9C5A5ACB4E6F4C9788FE305741CFE37A3D70	DD18EABD6B0C1AD0B1E97591CF3C0A5D7100A4370E7F7466DA61F716BCD9123B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\ShaderCache\data_2	data	0962291D6D367570BEE5454721C17E11	59D10A893EF321A706A9255176761366115BEDCB	EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\ShaderCache\index	FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0	44F2BA2BF0DA9A88EFC9B30889CB0FE1	8259898D948283D291E6D3B09AC34DDA19D359A6	53D9FDEE1B21F6D7CB4125EAA5527A7E97814F774EBBAC0A60BF1A2C016681CC
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\customSettings	ASCII text, with no line terminators	48324111147DECC23AC222A361873FC5	0DF8B2267ABBDBD11C422D23338262E3131A4223	D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14	JSON data	BB57A76019EADEDC27F04EB2FB1F1841	8B41A1B995D45B7A74A365B6B1F1F21F72F86760	2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\topTraffic	ASCII text, with no line terminators	E144AFBFB9EE10479AE2A9437D3FC9CA	5AAAC173107C688C06944D746394C21535B0514B	EB28E8ED7C014F211BD81308853F407DF86AEBB5F80F8E4640C608CD772544C2
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371	data	BE5D1A12C1644421F877787F8E76642D	06C46A95B4BD5E145E015FA7E358A2D1AC52C809	C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\index.css	ASCII text, with very long lines (65536), with no line terminators	714E04A1F8FB3331BBAFA9E43D6DEF10	0091F5FC5CB5DF898499C8078A9AD3AA5A7D2DB5	86281E1AF2459D957E514EDDA85B86797BEAA231CFAA55E877A6A10F5506F5A1
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\index.html	HTML document, ASCII text, with CRLF line terminators	A28AB17B18FF254173DFEEF03245EFD0	C6CE20924565644601D4E0DD0FBA9DDE8DEA5C77	886C0AB69E6E9D9D5B5909451640EA587ACCFCDF11B8369CAD8542D1626AC375
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	10072D7DD4FA2F261892A78C25A14997	639E53B8D442A7EF1817B2619F44DCF7381D38C8	2559A2C0409094CA19A31F808D0B82AAD6D529195002B09A260FFCE22C5AB847
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	99AA260F0E62507540C59C8144917518	127437350771E590665B1866976FA2DC624543DA	96959ABF5ED1003BD4808F7B8CA09ADA08A72B5F26D76E1D0DD44FDF390F2AD4
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	4589151C49ABDA51080B106614C104AB	3B0CCFF9924E5C77C2B73A09A83A09AEB6F65785	59C9237D63D23F987430A8A09F9544992866B956D34D3B10FE1C1DFBB7AE409E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	D1BA4F26FFC7E3EAD083EB55107161D3	675B8AEA7686583545A23CDB69FAD1B161B3BB1B	171534A0D56656FB9E935EBAFADE1D4CD4C3DFB445C2CD28E46CCC1E2D3B638D
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	13EEF85C5C4DE227E3BB71D4C57357E0	D9DDF22BEEF70523C980C50D03931AA92949A0EF	793AEE6C2C9500A9F6D999B29A502A30A005C80ECE41186FC412545FFF2EE513
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	858FB9DA818D2B7F5D568FFF1CC61544	F235E8245FDAD7EDCC18664B3D7A99150ACC36B6	F0351BD4A6298D415BE46F009D40E035F9E4C3CD21D5E99E674BC705CCAA8ABE
C:\Users\user\AppData\Roaming\com.adobe.dunamis\f65a88c9-12b3-4201-a633-87cf11b91fa8\v1\0\anon_events\a5d39f38-5c3f-4abb-9949-0a81170c32f2	data	31AD35B8E90659595CB608FA810F9633	01191AE37968608FC2634C9F0F43221E66A04F43	7EEB1606FD26889122C022A6F4EF6474E26FA28B1818D267CE76E77ACC175148
C:\Users\user\AppData\Roaming\com.adobe.dunamis\f65a88c9-12b3-4201-a633-87cf11b91fa8\v1\0\anon_events\manifest	data	C5534B5778F5F9D5724A26F28A9AA7C6	1AFF941922B79446F1454E1C791E50AB73DC7694	6EB9F2013D77800EFBF203093F8E6972328209FD50BED190A27887A9C7A48014

Windows Analysis Report
Illustrator_Set-Up.exe

Overview

General Information

Detection

Signatures

Classification

Signatures

Bitcoin Miner

Compliance

Spreading

Software Vulnerabilities

Networking

System Summary

Data Obfuscation

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Windows Analysis Report Illustrator_Set-Up.exe

Overview

General Information

Detection

Signatures

Classification

Signatures

Bitcoin Miner

Compliance

Spreading

Software Vulnerabilities

Networking

System Summary

Data Obfuscation

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Windows Analysis Report
Illustrator_Set-Up.exe